Описание
Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places an absolute pathname in the Subject field during an "Email as PDF" operation, which allows remote attackers to obtain sensitive information such as the sender's account name and a Temporary Internet Files subdirectory name.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:microsoft:word:2007:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.17414
Средний
4.3 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places an absolute pathname in the Subject field during an "Email as PDF" operation, which allows remote attackers to obtain sensitive information such as the sender's account name and a Temporary Internet Files subdirectory name.
EPSS
Процентиль: 95%
0.17414
Средний
4.3 Medium
CVSS2
Дефекты
CWE-200