Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6063


Vulnerability Score 4.3 4.3
CVE Id CVE-2008-6063
Last Modified 05 Feb 2009 12:00:00
Published 04 Feb 2009 08:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places an absolute pathname in the Subject field during an "Email as PDF" operation, which allows remote attackers to obtain sensitive information such as the sender's account name and a Temporary Internet Files subdirectory name.

Vulnerable Systems


  • Microsoft Word 2007


BUGTRAQ - 20080110 Word 2007 Email as PDF path disclosure flaw

Last Updated: 27 May 2016 10:49:02