Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-0655
HistoryApr 13, 2011 - 6:55 p.m.

CVE-2011-0655

2011-04-1318:55:01
CWE-20
[email protected]
web.nvd.nist.gov
4

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.952

Percentile

99.4%

JSON

Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate TimeColorBehaviorContainer Floating Point records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document containing an invalid record, aka โ€œFloating Point Techno-color Time Bandit RCE Vulnerability.โ€

Affected configurations

Nvd
Node
microsoftofficeMatch2004mac
OR
microsoftofficeMatch2008mac
OR
microsoftofficeMatch2011mac
OR
microsoftoffice_compatibility_packMatch2007sp2
OR
microsoftoffice_powerpoint_viewer
OR
microsoftopen_xml_file_format_convertermac
OR
microsoftpowerpointMatch2010x32
OR
microsoftpowerpointMatch2010x64
OR
microsoftpowerpoint_viewerMatch2007sp2
OR
microsoftpowerpoint_web_app

Related

saint 4
seebug 1
securityvulns 3
cve 1
prion 1
zdi 2
cvelist 1
checkpoint_advisories 2
openvas 2
nessus 2
saint
saint
Microsoft PowerPoint Floating Point Techno-color Time Bandit vulnerability
2012-01-12 00:00:00
Microsoft PowerPoint Floating Point Techno-color Time Bandit vulnerability
2012-01-12 00:00:00
Microsoft PowerPoint Floating Point Techno-color Time Bandit vulnerability
2012-01-12 00:00:00
seebug
seebug
Microsoft PowerPointๆ— ๆ•ˆ"TimeColorBehaviorContainer"่ฎฐๅฝ•่ฟœ็จ‹ไปฃ็ ๆ‰ง่กŒๆผๆดž(MS11-022)
2011-04-15 00:00:00
securityvulns
securityvulns
ZDI-11-123: Microsoft PowerPoint TimeCommandBehaviorContainer Remote Code Execution Vulnerability
2011-04-13 00:00:00
ZDI-11-124: Microsoft PowerPoint TimeColorBehaviorContainer Floating Point Record Remote Code Execution Vulnerability
2011-04-13 00:00:00
Microsoft Office multiple security vulnerabilities
2011-04-17 00:00:00
cve
cve
CVE-2011-0655
2011-04-13 18:55:01
prion
prion
Memory corruption
2011-04-13 18:55:00
zdi
zdi
Microsoft PowerPoint TimeColorBehaviorContainer Floating Point Record Remote Code Execution Vulnerability
2011-04-12 00:00:00
Microsoft PowerPoint TimeCommandBehaviorContainer Remote Code Execution Vulnerability
2011-04-12 00:00:00
cvelist
cvelist
CVE-2011-0655
2011-04-13 18:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft PowerPoint Techno-color Time Bandit Code Execution - Ver2 (CVE-2011-0655)
2014-04-16 00:00:00
Microsoft PowerPoint Techno-color Time Bandit Code Execution (MS11-022; CVE-2011-0655)
2011-04-12 00:00:00
openvas
openvas
Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2489283)
2011-04-13 00:00:00
Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2489283)
2011-04-13 00:00:00
nessus
nessus
MS11-022: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2489283)
2011-04-13 00:00:00
MS11-021 / MS11-022 / MS11-023: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489279 / 2489283 / 2489293) (Mac OS X)
2011-04-13 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.952

Percentile

99.4%

JSON
Related for NVD:CVE-2011-0655
saint4seebug1securityvulns3cve1prion1zdi2cvelist1checkpoint_advisories2openvas2nessus2