Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785) Network Vulnerability

Summary

This host is missing critical security update according to Microsoft Bulletin MS08-051.

Impact

Remote attackers could be able to corrupt memory locations via a specially crafted PowerPoint files. Impact Level : System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx

Insight

Multiple flaw are due to, - an integer overflow error when handling CString objects. - a memory calculation error when processing malformed picture indexes and list values.

Affected

Microsoft PowerPoint 2002/XP/2003/2007 on Windows (All). Microsoft PowerPoint Viewer 2003/2007 on Windows (All).

References

http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-0120, CVE-2008-0121, CVE-2008-1455

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Flaw in Microsoft VM Could Allow Code Execution (810030)
Microsoft .NET Framework and Silverlight Remote Code Execution Vulnerability (2604930)
Microsoft Distributed File System Remote Code Execution Vulnerabilities (2535512)
Cumulative Security Update for Internet Explorer (931768)
Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)

Take action and discover your vulnerabilities