pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 does not properly perform array indexing, which allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Array Indexing Memory Corruption Vulnerability."
用户可参考如下供应商提供的安全公告获得补丁信息:http://www.microsoft.com/technet/security/bulletin/ms10-103.mspx