Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows 2.1 Translator in Microsoft PowerPoint 2000 and 2002 allows remote attackers to execute arbitrary code via a Freelance file with unspecified "layout information" that triggers a heap-based buffer overflow.
https://exchange.xforce.ibmcloud.com/vulnerabilities/51034
http://www.securityfocus.com/bid/35275
http://www.securityfocus.com/archive/1/504215/100/0/threaded
http://securitytracker.com/id?1022369