CVE-2013-1321

Name of the Vulnerable Software and Affected Versions Microsoft Publisher version 2003 SP3

Description A remote code execution issue exists due to improper data type checking of an unspecified return value when parsing Publisher files. This could allow an attacker to execute arbitrary code via a crafted Publisher file. If successfully exploited, an attacker could gain complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited user rights compared to those operating with administrative rights.

Recommendations For Microsoft Publisher 2003 SP3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.