Microsoft PowerPoint remote code execution vulnerability
Microsoft PowerPoint remote code execution vulnerability
Date Discovered: 2006. szeptember 27.
Date Published: 2006. szeptember 28.
Last Updated: 2006. szeptember 28.
Threat Assessment
Overall Risk: High
Impact: Critical
Popularity: High
Simplicity: Low
Vulnerability Description
Vulnerability ID: 34641
Discovered By: Anonymous
Exploitable Locally: No
Exploitable Remotely: Yes
Impact: A remote attacker can execute arbitrary code.
Root Cause: Software Vulnerability
Microsoft PowerPoint contains a vulnerability that can allow a remote attacker to execute arbitrary code. The vulnerability is due to memory corruption while handling malicious PowerPoint file.. An attacker can entice a user to open a specially crafted PowerPoint file sent via email message or visit the malicious website to execute arbitrary code.
Recommendations
For: Microsoft Office PowerPoint 2000 SP2 x86 32 EN, Microsoft Office PowerPoint 2000 SP3 x86 32 EN, Microsoft Office PowerPoint 2000 SR-1a x86 32 EN, Microsoft Office PowerPoint 2000 x86 32 EN, Microsoft Office PowerPoint 2002 SP1 x86 32 EN, Microsoft Office PowerPoint 2002 SP2 x86 32 EN, Microsoft Office PowerPoint 2002 SP3 x86 32 EN, Microsoft Office PowerPoint 2002 x86 32 EN, Microsoft Office PowerPoint 2003 SP1 x86 32 EN, Microsoft Office PowerPoint 2003 SP2 x86 32 EN, Microsoft Office PowerPoint 2003 x86 32 EN
Please use the following workarounds:
1. Use PowerPoint Viewer 2003 to open and view files.
2. Do not open or save PowerPoint files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources.
Affected Technologies
Microsoft: Microsoft Office PowerPoint 2000 SP2 x86 32 EN
Microsoft: Microsoft Office PowerPoint 2000 SP3 x86 32 EN
Microsoft: Microsoft Office PowerPoint 2000 SR-1a x86 32 EN
Microsoft: Microsoft Office PowerPoint 2000 x86 32 EN
Microsoft: Microsoft Office PowerPoint 2002 SP1 x86 32 EN
Microsoft: Microsoft Office PowerPoint 2002 SP2 x86 32 EN
Microsoft: Microsoft Office PowerPoint 2002 SP3 x86 32 EN
Microsoft: Microsoft Office PowerPoint 2002 x86 32 EN
Microsoft: Microsoft Office PowerPoint 2003 SP1 x86 32 EN
Microsoft: Microsoft Office PowerPoint 2003 SP2 x86 32 EN
Microsoft: Microsoft Office PowerPoint 2003 x86 32 EN
References
Microsoft: 925984
Mitre CVE: CVE-2006-4694
More information on CA Vulnerability Information Center:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34641
Computer Associates – the Trusted Source of Security Knowledge
Back
- Microsoft revamps Bing to include interactive social sidebar
The three-column interface also includes a ´snapshot´ for more direct interaction with products and places.
- Adobe Creative Cloud Now Available
Two New Touch Apps for iOS and Adobe Muse Also Shipping
- Acer G6 series - Super-slim design, inspiring performance
- Come Explore the VIA Smart Ecosystem at Computex 2012
- HP tries to beat ultrabook pricing with thin-and-light Sleekbooks
- MasterCard´s PayPass Wallet will span online, mobile, in-store shopping
- Google infringed Java copyrights in Android, jury finds
- After false alarm, no verdict Friday in Oracle Google
- Lenovo building industrial center to develop tablets, smartphones
- Facebook´s valuation for IPO will be lower than initially expected
Member of IVSZ
Member of SZEK
Acer Affinity Gold partner
Dell Registered Partner
OKI System Shinrai Partner
XEROX Viszonteladó
APC megbízható szállító
EATON Authorized Partner
Cisco partner
Symantec Software Partner
ESET Partner
FUJITSU partner
LENOVO Premium Partner
IBM Business Partner
PARTNERS: Computerworld.hu | GameStar.hu | PCWorld.hu | SG.hu | PC Guru | Hitel