Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)

Microsoft PowerPoint Remote Code Execution (949785

Reporter	Title	Published	Views	Family All 29
Check Point Advisories	Microsoft PowerPoint TxMasterStyle10Atom Processing Code Execution (MS08-051; CVE-2008-1455)	29 May 200800:00	–	checkpoint_advisories
Check Point Advisories	Microsoft PowerPoint Viewer Memory Allocation Code Execution (MS08-051; CVE-2008-0120; CVE-2008-0121)	12 Aug 200800:00	–	checkpoint_advisories
Check Point Advisories	Microsoft PowerPoint Viewer 2003 Picture Integer Overflow - Ver2 (CVE-2008-0120)	3 Mar 201400:00	–	checkpoint_advisories
Check Point Advisories	Microsoft PowerPoint TxMasterStyle10Atom Processing Code Execution (MS08-051) - Ver2 (CVE-2008-1455)	3 Mar 201400:00	–	checkpoint_advisories
Check Point Advisories	Microsoft PowerPoint Viewer 2003 MSODRAWING Property Heap Buffer Overflow - Ver2 (CVE-2008-0121)	3 Mar 201400:00	–	checkpoint_advisories
CVE	CVE-2008-0120	13 Aug 200800:00	–	cve
CVE	CVE-2008-0121	13 Aug 200800:00	–	cve
CVE	CVE-2008-1455	13 Aug 200800:00	–	cve
Cvelist	CVE-2008-0120	13 Aug 200800:00	–	cvelist
Cvelist	CVE-2008-0121	13 Aug 200800:00	–	cvelist

Source	Link
microsoft	www.microsoft.com/technet/security/bulletin/ms08-051.mspx

##############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_ms08-051_900033.nasl 6538 2017-07-05 11:38:27Z cfischer $
# Description: Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)
#
# Authors:
# Chandan S <[email protected]>
#
# Copyright:
# Copyright (C) 2008 SecPod, http://www.secpod.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
##############################################################################

tag_impact = "Remote attackers could be able to corrupt memory locations via
 a specially crafted PowerPoint files.
 Impact Level : System";

tag_solution = "Run Windows Update and update the listed hotfixes or download and
 update mentioned hotfixes in the advisory from the below link.
 http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx";

tag_affected = "Microsoft PowerPoint 2002/XP/2003/2007 on Windows (All).
 Microsoft PowerPoint Viewer 2003/2007 on Windows (All).";

tag_insight = "Multiple flaw are due to,
 - an integer overflow error when handling CString objects.
 - a memory calculation error when processing malformed picture
   indexes and list values.";


tag_summary = "This host is missing critical security update according to
 Microsoft Bulletin MS08-051.";


if(description)
{
 script_id(900033);
 script_version("$Revision: 6538 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-05 13:38:27 +0200 (Wed, 05 Jul 2017) $");
 script_tag(name:"creation_date", value:"2008-08-19 14:38:55 +0200 (Tue, 19 Aug 2008)");
 script_bugtraq_id(30552, 30554, 30579);
 script_cve_id("CVE-2008-0120", "CVE-2008-0121", "CVE-2008-1455");
 script_copyright("Copyright (C) 2008 SecPod");
 script_tag(name:"cvss_base", value:"9.3");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_category(ACT_GATHER_INFO);
 script_family("Windows : Microsoft Bulletins");
 script_name("Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)");
 script_dependencies("secpod_reg_enum.nasl", "secpod_office_products_version_900032.nasl", "secpod_ms_office_detection_900025.nasl");
 script_mandatory_keys("MS/Office/Ver", "SMB/Office/PowerPnt/Version");

 script_xref(name : "URL" , value : "http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx");
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "affected" , value : tag_affected);
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "impact" , value : tag_impact);
 script_tag(name:"qod_type", value:"registry");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}


include("version_func.inc");

if(egrep(pattern:"^(9|10|11|12)\..*", string:get_kb_item("MS/Office/Ver")))
{
  pptVer = get_kb_item("SMB/Office/PowerPnt/Version");
  if(!pptVer){
    exit(0);
  }

  if(version_in_range(version:pptVer, test_version:"9.0",
                      test_version2:"9.0.0.8968")){
    security_message(0);
  }
  else if(version_in_range(version:pptVer, test_version:"10.0",
                           test_version2:"10.0.6841")){
    security_message(0);
  }
  else if(version_in_range(version:pptVer, test_version:"11.0",
                           test_version2:"11.0.8226")){
    security_message(0);
  }
  else if(version_in_range(version:pptVer, test_version:"12.0",
                           test_version2:"12.0.6300.4999")){
    security_message(0);
  }
}

05 Jul 2017 00:00Current

0.6Low risk

Vulners AI Score0.6

EPSS0.68554