This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects a vulnerability in Microsoft Publisher which may result in remote code execution.
Microsoft Publisher is a desktop publishing application available for Microsoft Windows.
Publisher is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. This issue occurs in the code responsible for converting files from the Publisher 97 format. Specifically, when parsing a Textbox item included in a Publisher 97 file, a buffer overflow may occur.
An attacker can exploit this issue by enticing a victim to open a malicious Publisher file.
Successful exploits would allow an attacker to execute arbitrary code in the context of the currently logged-in user.
The vendor has released an advisory and updates. Please see the references for details.