Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:D8504CCEB49C90637A6766454418BC89
HistorySep 19, 2008 - 12:00 a.m.

Microsoft PowerPoint Viewer picture index CString object integer overflow

2008-09-1900:00:00
SAINT Corporation
www.saintcorporation.com
12

0.923 High

EPSS

Percentile

98.7%

JSON

Added: 09/19/2008
CVE: CVE-2008-0120
BID: 30552
OSVDB: 47406

Background

Microsoft PowerPoint Viewer 2003 is a free tool which allows viewing of Microsoft PowerPoint presentations without requiring Microsoft PowerPoint itself.

Problem

An integer overflow vulnerability in the handling of CString objects allows command execution when a user opens a PowerPoint file containing a malformed picture index.

Resolution

Install the update referenced in Microsoft Security Bulletin 08-051.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=739&gt;

Limitations

Exploit works on Microsoft PowerPoint Viewer 2003 and requires a user to load the exploit file in the affected software.

This exploit might not succeed on Windows XP SP2 systems without some of the older patches.

Execution of the exploit requires the Compress-Zlib PERL module if the use compression option is enabled.

Platforms

Windows XP

Related

seebug 1
saint 3
checkpoint_advisories 2
securityvulns 2
cve 1
prion 1
openvas 2
nessus 1
seebug
seebug
Microsoft PowerPoint Viewer 2003 Cstringε―Ήθ±‘ζ•΄ζ•°ζΊ’ε‡ΊζΌζ΄žοΌˆMS08-051οΌ‰
2008-08-14 00:00:00
saint
saint
Microsoft PowerPoint Viewer picture index CString object integer overflow
2008-09-19 00:00:00
Microsoft PowerPoint Viewer picture index CString object integer overflow
2008-09-19 00:00:00
Microsoft PowerPoint Viewer picture index CString object integer overflow
2008-09-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft PowerPoint Viewer 2003 Picture Integer Overflow - Ver2 (CVE-2008-0120)
2014-03-03 00:00:00
Microsoft PowerPoint Viewer Memory Allocation Code Execution (MS08-051; CVE-2008-0120; CVE-2008-0121)
2008-08-12 00:00:00
securityvulns
securityvulns
iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability
2008-08-13 00:00:00
Microsoft Security Bulletin MS08-051 – Critical Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution &#40;949785&#41; Microsoft Security Bulletin MS08-051 – Critical
2008-08-12 00:00:00
cve
cve
CVE-2008-0120
2008-08-13 00:41:00
prion
prion
Integer overflow
2008-08-13 00:41:00
openvas
openvas
Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)
2008-08-19 00:00:00
Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)
2008-08-19 00:00:00
nessus
nessus
MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949785)
2008-08-13 00:00:00

0.923 High

EPSS

Percentile

98.7%

JSON
Related for SAINT:D8504CCEB49C90637A6766454418BC89
seebug1saint3checkpoint_advisories2securityvulns2cve1prion1openvas2nessus1