SECUNIA ADVISORY ID: SA22394

VERIFY ADVISORY: http://secunia.com/advisories/22394/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

SOFTWARE:
Microsoft Powerpoint 2003 - http://secunia.com/product/5274/
Microsoft PowerPoint 2002 - http://secunia.com/product/2223/
Microsoft PowerPoint 2000 - http://secunia.com/product/3052/
Microsoft Office XP - http://secunia.com/product/23/
Microsoft Office 2003 Student and Teacher Edition - http://secunia.com/product/2278/
Microsoft Office 2003 Standard Edition - http://secunia.com/product/2275/
Microsoft Office 2003 Small Business Edition - http://secunia.com/product/2277/
Microsoft Office 2003 Professional Edition - http://secunia.com/product/2276/
Microsoft Office 2000 - http://secunia.com/product/24/

DESCRIPTION: Nanika has reported a vulnerability in Microsoft PowerPoint, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error when processing PowerPoint presentations. According to Microsoft, the vulnerability may allow execution of arbitrary code. The vulnerability is reported in Microsoft PowerPoint 2003. Other versions may also be affected.

SOLUTION: Do not open untrusted Office documents.

PROVIDED AND/OR DISCOVERED BY: Nanika

ORIGINAL ADVISORY: Microsoft: http://blogs.technet.com/msrc/archive/2006/10/12/poc-published-for-ms-office-2003-powerpoint.aspx