Microsoft PowerPoint Code Execution Vulnerability Date: Friday, September 29, 2006 @ 03:44:10 CDT Topic: Security SECUNIA ADVISORY ID: SA22127 VERIFY ADVISORY: http://secunia.com/advisories/22127/ CRITICAL: Extremely critical IMPACT: System access WHERE: >From remote SOFTWARE: Microsoft PowerPoint 2000 http://secunia.com/product/3052/ Microsoft Office XP http://secunia.com/product/23/ Microsoft Office X for Mac http://secunia.com/product/2610/ Microsoft Office 2004 for Mac http://secunia.com/product/8713/ Microsoft Office 2003 Student and Teacher Edition http://secunia.com/product/2278/ Microsoft Office 2003 Standard Edition http://secunia.com/product/2275/ Microsoft Office 2003 Small Business Edition http://secunia.com/product/2277/ Microsoft Office 2003 Professional Edition http://secunia.com/product/2276/ Microsoft Office 2000 http://secunia.com/product/24/ Microsoft PowerPoint 2002 http://secunia.com/product/2223/ Microsoft Powerpoint 2003 http://secunia.com/product/5274/ DESCRIPTION: A vulnerability has been reported in Microsoft PowerPoint, which can be exploited by malicious people to compromise a user's system. The vulnerability is due to an unspecified error when processing PowerPoint documents containing a malformed string. This can be exploited to corrupt system memory and may allow execution of arbitrary code when a malicious PowerPoint document is opened. NOTE: This vulnerability is reportedly being exploited in the wild. SOLUTION: Do not open untrusted Office documents. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/925984.mspx OTHER REFERENCES: US-CERT VU#231204: http://www.kb.cert.org/vuls/id/231204 This article comes from Ravens PHP Scripts https://www.ravenphpscripts.com The URL for this story is: https://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2418