Microsoft PowerPoint Crafted PPT Data Record Code Execution

2006-10-10T14:11:47
ID OSVDB:29447
Type osvdb
Reporter Dejun Meng()
Modified 2006-10-10T14:11:47

Description

Vulnerability Description

Microsoft PowerPoint contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when when a user opens a specially crafted PowerPoint PPT file. It is possible that the flaw may allow to execute code with the privileges of the user resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

Microsoft PowerPoint contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when when a user opens a specially crafted PowerPoint PPT file. It is possible that the flaw may allow to execute code with the privileges of the user resulting in a loss of integrity.

References:

Security Tracker: 1017030 Related OSVDB ID: 29446 Related OSVDB ID: 29448 Related OSVDB ID: 29259 Microsoft Security Bulletin: MS06-058 Microsoft Knowledge Base Article: 924163 CVE-2006-3876 Bugtraq ID: 20322