Microsoft PowerPoint Memory Corruption Vulnerability
Secunia Advisory: SA21061 Print Advisory
Release Date: 2006-07-18
Critical:
Highly critical
Impact: DoS
System access
Where: From remote
Solution Status: Unpatched
Software: Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office PowerPoint 2003 Viewer
Microsoft Office XP
Microsoft PowerPoint 2000
Microsoft PowerPoint 2002
Microsoft Powerpoint 2003
Select a product and view a complete list of all Patched/Unpatched
Secunia advisories affecting it.
CVE reference: CVE-2006-3655
CVE-2006-3656
CVE-2006-3660
Description:
naveed has discovered a vulnerability in Microsoft PowerPoint, which
potentially can be exploited by malicious people to compromise a user's
system.
The vulnerability is caused due to the application using data taken
directly from a PowerPoint presentation file as a pointer when saving or
closing the presentation. This can be exploited to corrupt memory and
manipulate the program flow in various ways.
Successful exploitation crashes the application and arbitrary code
execution may potentially also be possible, but has not currently been
proven.
The vulnerability has been confirmed on Windows XP SP2 with a fully
patched PowerPoint 2003. Other versions may also be affected.
NOTE: Two other issues, which can be exploited to crash the application,
have also been reported.
Solution:
Do not open untrusted Office documents.
Provided and/or discovered by:
naveed
Please note: The information, which this Secunia Advisory is based upon,
comes from third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports
issued by security research groups, vendors, and others.
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/rules.htm
Contact list owner <[EMAIL PROTECTED]>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
