Lucene search
Copyright (C) 2011 Greenbone AGOPENVAS:1361412562310801594HistoryFeb 23, 2011 - 12:00 a.m.
Microsoft PowerPoint 2007 OfficeArt Atom RCE Vulnerability
2011-02-2300:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
20
7.2 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.951 High
EPSS
Percentile
99.3%
Microsoft Office Power Point is prone to a remote code execution (RCE)
vulnerability.
This VT has been replaced by OID:1.3.6.1.4.1.25623.1.0.902411.
# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.801594");
script_version("2023-06-27T05:05:30+0000");
script_tag(name:"deprecated", value:TRUE);
script_tag(name:"last_modification", value:"2023-06-27 05:05:30 +0000 (Tue, 27 Jun 2023)");
script_tag(name:"creation_date", value:"2011-02-23 12:24:37 +0100 (Wed, 23 Feb 2011)");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_cve_id("CVE-2011-0976");
script_name("Microsoft PowerPoint 2007 OfficeArt Atom RCE Vulnerability");
script_xref(name:"URL", value:"http://zerodayinitiative.com/advisories/ZDI-11-044/");
script_xref(name:"URL", value:"http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft");
script_tag(name:"qod_type", value:"registry");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2011 Greenbone AG");
script_family("Windows");
script_tag(name:"impact", value:"Successful exploitation will allow attacker to execute arbitrary
codes, can cause memory corruption and other attacks in the context of the
application through a crafted Power Point file.");
script_tag(name:"affected", value:"MS PowerPoint 2007 Service Pack 2.");
script_tag(name:"insight", value:"The flaw exists with the way application will parse external
objects within an Office Art container. When parsing this object, the
application will append an uninitialized object to a list. When destroying this
object during document close (WM_DESTROY), the application will access a method
that does not exist.");
script_tag(name:"solution", value:"No known solution was made available for at least one year since the disclosure
of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.");
script_tag(name:"summary", value:"Microsoft Office Power Point is prone to a remote code execution (RCE)
vulnerability.
This VT has been replaced by OID:1.3.6.1.4.1.25623.1.0.902411.");
script_tag(name:"solution_type", value:"WillNotFix");
exit(0);
}
exit(66); ## This VT is deprecated as addressed in secpod_ms11-021.nasl.Related
nvd
nvd
CVE-2011-0976
2011-02-10 19:00:01
checkpoint_advisories
checkpoint_advisories
zdi
zdi
cve
cve
CVE-2011-0976
2011-02-10 19:00:01
cvelist
cvelist
CVE-2011-0976
2011-02-10 18:00:00
prion
prion
Memory corruption
2011-02-10 19:00:00
openvas
openvas
Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability
2011-02-23 00:00:00
Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2489283)
2011-04-13 00:00:00
Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2489283)
2011-04-13 00:00:00
nessus
nessus
securityvulns
securityvulns
Microsoft Office multiple security vulnerabilities
2011-04-17 00:00:00
7.2 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.951 High
EPSS
Percentile
99.3%
Related for OPENVAS:1361412562310801594