2009-02-05 01:00:00
mitre
PUBLISHED
Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places an absolute pathname in the Subject field during an "Email as PDF" operation, which allows remote attackers to obtain sensitive information such as the senders account name and a Temporary Internet Files subdirectory name.