Microsoft PowerPoint Viewer picture index CString object integer overflow

2008-09-19T00:00:00
ID SAINT:D8504CCEB49C90637A6766454418BC89
Type saint
Reporter SAINT Corporation
Modified 2008-09-19T00:00:00

Description

Added: 09/19/2008
CVE: CVE-2008-0120
BID: 30552
OSVDB: 47406

Background

Microsoft PowerPoint Viewer 2003 is a free tool which allows viewing of Microsoft PowerPoint presentations without requiring Microsoft PowerPoint itself.

Problem

An integer overflow vulnerability in the handling of CString objects allows command execution when a user opens a PowerPoint file containing a malformed picture index.

Resolution

Install the update referenced in Microsoft Security Bulletin 08-051.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=739>

Limitations

Exploit works on Microsoft PowerPoint Viewer 2003 and requires a user to load the exploit file in the affected software.

This exploit might not succeed on Windows XP SP2 systems without some of the older patches.

Execution of the exploit requires the Compress-Zlib PERL module if the use compression option is enabled.

Platforms

Windows XP