PT-2007-4924 · Quark · Quarkxpress

Published: 2007-07-11 · Updated: 2017-07-29 · CVE-2007-3678

CVSS v2.0: 7.6 (High)

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: QuarkXPress version 7.2

Description: A stack-based buffer overflow issue exists in the MSWord text-import extension of QuarkXPress, specifically when using the Rectangle Text Box tool for importing text. This allows remote attackers to execute arbitrary code via a long font name, but it requires user assistance.

Recommendations: For QuarkXPress version 7.2, update to a newer version that addresses this issue to prevent exploitation. As a temporary workaround, consider avoiding the use of long font names when importing text with the Rectangle Text Box tool.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2007-3678

Affected Products

Quarkxpress