Microsoft PowerPoint Legacy Format Scheme record buffer overflow

2009-06-26T00:00:00
ID SAINT:1F4FE5D092172F1790565312647B93FE
Type saint
Reporter SAINT Corporation
Modified 2009-06-26T00:00:00

Description

Added: 06/26/2009
CVE: CVE-2009-0226
BID: 34881
OSVDB: 54385

Background

Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite.

Problem

A buffer overflow vulnerability in Microsoft PowerPoint allows command execution when a user opens a PowerPoint 4.0 stream containing a specially crafted Format Scheme record.

Resolution

Apply the update referenced in Microsoft Security Bulletin 09-017.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=789>

Limitations

Exploit works on PowerPoint 2002 SP3 with the patch KB948995 and requires a user to open the exploit file.

Platforms

Windows