CVE-2010-2571

CVE Database · CVE-2010-2571

CVE-2010-2571

· N/AModified

CVSS v3.1

N/A

EPSS

21.77%

Published

Dec 16, 2010

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Array index error in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher 97 file, aka "Memory Corruption Due To Invalid Index Into Array in Pubconv.dll Vulnerability."

Weaknesses (CWE)

CWE-20

Affected Products (2)

microsoft · publishervulnerable

References (8)

http://www.securitytracker.com/id?1024885

http://www.us-cert.gov/cas/techalerts/TA10-348A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-103

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12298

http://www.securitytracker.com/id?1024885

http://www.us-cert.gov/cas/techalerts/TA10-348A.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-103

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12298

KEV Catalog EPSS Scores Vendors All CVEs