CVE-2012-0013

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version

Description A remote code execution issue exists due to an incomplete blacklist vulnerability in the Windows Packager configuration. This allows remote attackers to execute arbitrary code via a crafted ClickOnce application in a Microsoft Office document, related to .application files. The issue is related to the way Windows Packager loads ClickOnce applications embedded in Microsoft Office files.

Recommendations For Microsoft Windows versions prior to the fixed version, update to the latest version to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.