The host is installed with Microsoft Publisher 2003 and is prone to negative value allocation vulnerability. A flaw is present in the application, which fails to properly validate an array size while parsing specially crafted Publisher files. Successful exploitation allows attackers to execute arbitrary code.