A buffer overflow vulnerability in the Legacy File Format conversion filter (
**PP4X322.dll**) allows command execution when a user opens a PowerPoint 4.0 file containing a Printer record structure with a specially crafted driver string.
Apply the update referenced in Microsoft Security Bulletin 09-017.
Exploit works on Microsoft PowerPoint 2002 and requires a user to open the exploit file in Microsoft PowerPoint.
There may be a delay before the exploit succeeds after the user opens the exploit file.