Summary
This host is missing a critical security update according to Microsoft Bulletin MS09-017.
Impact
Successful exploitation will let the attacker execute arbitrary codes, and can cause Memory Corruption, Integer Overflow and other attacks in the context of the application through crafting malicious codes inside a powerpoint file.
Impact Level: System
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
Insight
For more information about vulnerabilities on PowerPoint, go through the links mentioned in references.
Affected
MS PowerPoint 2000 Service Pack 3 and prior
MS PowerPoint 2002 Service Pack 3 and prior
MS PowerPoint 2003 Service Pack 3 and prior
MS PowerPoint 2007 Service Pack 2 and prior
MS PowerPoint Viewer 2003/2007
References
Severity
Classification
-
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft .NET Framework Remote Code Execution Vulnerabilities (2878890)
- Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)
- Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)
- Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2879017)
- ADODB.Stream object from Internet Explorer (KB870669)