No content since 2004
Feel free to donate
Chris @ MyITforum
Subscribe in a reader
Subscribe to Chris Mosby at myITforum.com by Email
Microsoft PowerPoint Code Execution Vulnerability Secunia Advisory: SA22127 Release Date: 2006-09-28 Critical: Extremely critical Impact: System access Where: From remote Solution Status: Unpatched Software: Microsoft Office 2000 Microsoft Office 2003 Professional Edition Microsoft Office 2003 Small Business Edition Microsoft Office 2003 Standard Edition Microsoft Office 2003 Student and Teacher Edition Microsoft Office 2004 for Mac Microsoft Office X for Mac Microsoft Office XP Microsoft PowerPoint 2000 Microsoft PowerPoint 2002 Microsoft Powerpoint 2003 CVE reference: CVE-2006-4694 (Secunia mirror) Description: A vulnerability has been reported in Microsoft PowerPoint, which can be exploited by malicious people to compromise a user's system. The vulnerability is due to an unspecified error when processing PowerPoint documents containing a malformed string. This can be exploited to corrupt system memory and may allow execution of arbitrary code when a malicious PowerPoint document is opened. NOTE: This vulnerability is reportedly being exploited in the wild. Solution: Do not open untrusted Office documents. Provided and/or discovered by: Reported by the vendor. Original Advisory: Microsoft: http://www.microsoft.com/technet/security/advisory/925984.mspx Other References: US-CERT VU#231204: http://www.kb.cert.org/vuls/id/231204 Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
Microsoft PowerPoint Code Execution Vulnerability - Advisories - Secunia
No Comments