cpe:/a:microsoft:publisher:2002:sp3 cpe:/a:microsoft:publisher:2003:sp3 cpe:/a:microsoft:publisher:2007:sp2 cpe:/a:microsoft:publisher:2010 CVE-2010-2570 2010-12-16T14:33:02.100-05:00 2017-09-18T21:31:03.080-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2010-12-16T15:23:00.000-05:00 SECTRACK 1024885 IAVM IAVM:2010-A-0171 MS MS10-103 CERT TA10-348A Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, 2007 SP2, and 2010 allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Heap Overrun in pubconv.dll Vulnerability."