Ravens PHP Scripts

Microsoft PowerPoint Unspecified Code Execution Vulnerability
Date: Friday, October 13, 2006 @ 10:59:00 PDT
Topic: Security


SECUNIA ADVISORY ID: SA22394

VERIFY ADVISORY: http://secunia.com/advisories/22394/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

SOFTWARE:
Microsoft Powerpoint 2003 - http://secunia.com/product/5274/
Microsoft PowerPoint 2002 - http://secunia.com/product/2223/
Microsoft PowerPoint 2000 - http://secunia.com/product/3052/
Microsoft Office XP - http://secunia.com/product/23/



Microsoft Office 2003 Student and Teacher Edition - http://secunia.com/product/2278/
Microsoft Office 2003 Standard Edition - http://secunia.com/product/2275/
Microsoft Office 2003 Small Business Edition - http://secunia.com/product/2277/
Microsoft Office 2003 Professional Edition - http://secunia.com/product/2276/
Microsoft Office 2000 - http://secunia.com/product/24/

DESCRIPTION: Nanika has reported a vulnerability in Microsoft PowerPoint, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error when processing PowerPoint presentations. According to Microsoft, the vulnerability may allow execution of arbitrary code. The vulnerability is reported in Microsoft PowerPoint 2003. Other versions may also be affected.

SOLUTION: Do not open untrusted Office documents.

PROVIDED AND/OR DISCOVERED BY: Nanika

ORIGINAL ADVISORY: Microsoft: http://blogs.technet.com/msrc/archive/2006/10/12/poc-published-for-ms-office-2003-powerpoint.aspx





This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2458