CVE-2011-1269

2011-05-1317:05:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2011-1269

microsoft powerpoint

rce vulnerability

memory corruption

remote code execution

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.664 Medium

EPSS

Percentile

97.9%

JSON

Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 make unspecified function calls during file parsing without proper handling of memory, which allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka “Presentation Memory Corruption RCE Vulnerability.”

CPENameOperatorVersion
microsoft:open_xml_file_format_convertermicrosoft open xml file format convertereq*
microsoft:officemicrosoft officeeq2008
microsoft:officemicrosoft officeeq2004
microsoft:powerpointmicrosoft powerpointeq2003
microsoft:office_compatibility_packmicrosoft office compatibility packeq2007
microsoft:powerpointmicrosoft powerpointeq2007
microsoft:powerpointmicrosoft powerpointeq2002

CPE	Name	Operator	Version
microsoft:open_xml_file_format_converter	microsoft open xml file format converter	eq	*
microsoft:office	microsoft office	eq	2008
microsoft:office	microsoft office	eq	2004
microsoft:powerpoint	microsoft powerpoint	eq	2003
microsoft:office_compatibility_pack	microsoft office compatibility pack	eq	2007
microsoft:powerpoint	microsoft powerpoint	eq	2007
microsoft:powerpoint	microsoft powerpoint	eq	2002