The vulnerability is caused due to boundary errors in PUBCONV.DLL within the processing of older version PUB files. This can be exploited to cause a two stage pointer overwrite when a specially crafted file is opened. This module will generate a specially crafted file within a zip archive and sent it through email or make it available to download from Core Impact's Web Server.
CVE Link
Exploit Platform
Exploit Type
Product Name