Microsoft PowerPoint OfficeArt远程代码执行漏洞(MS11-094)

BUGTRAQ ID: 50964 CVE ID: CVE-2011-3413 PowerPoint是一个由Microsoft公司开发的演示文稿程序，是Microsoft Office系统中的其中一个组件。它支持Microsoft WindowsApple的Mac OS X操作系统。 PowerPoint处理特制.ppt文件的方式中存在远程代码执行漏洞，成功利用后可允许攻击者以当前用户权限执行任意代码。 Microsoft Office 2008 for Mac Microsoft Office 2007 Microsoft PowerPoint 2007 临时解决方法：...

ZDI-11-346 : Microsoft Office 2007 Office Art Shape Record Hierarchy Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-346 : Microsoft Office 2007 Office Art Shape Record Hierarchy Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-346 December 13, 2011 - -- CVE ID: CVE-2011-3413 - -- CVSS: 7.5,...

CVE-2011-3413

Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via an invalid OfficeArt record in a...

CVE-2011-3396

Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability."...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability."...

Memory corruption

Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via an invalid OfficeArt record in a...

CVE-2011-3396

Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability."...

CVE-2011-3413

CVE-2011-3413 affects Microsoft Office products including PowerPoint 2007 SP2, Office 2008 for Mac, Office Compatibility Pack SP2, and PowerPoint Viewer 2007 SP2. The root cause is improper handling of OfficeArt shape records in PowerPoint documents, leading to memory corruption that can enable r...

Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2639142)

This host is missing an important security update according to Microsoft Bulletin MS11-094. OpenVAS Vulnerability Test $Id: secpodms11-094.nasl 6523 2017-07-04 15:46:12Z cfischer $ Microsoft Office PowerPoint Remote Code Execution Vulnerabilities 2639142 Authors: Antu Sanadi Copyright: Copyright ...

CVE-2011-3413

Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via an invalid OfficeArt record in a...

CVE-2011-3396

CVE-2011-3396 affects Microsoft PowerPoint 2007 SP2 and 2010. The vulnerability arises from insecure DLL loading: PowerPoint can load a Trojan horse DLL from the current working directory, enabling arbitrary code execution under the attacker’s context. Connected sources corroborate an RCE through...

Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2639142)

This host is missing an important security update according to Microsoft Bulletin MS11-094. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Security Update for Microsoft Office PowerPoint 2007 (KB2596912)

A security vulnerability exists in Microsoft Office PowerPoint 2007 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Microsoft PowerPoint CVE-2011-3396 DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft PowerPoint is prone to vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location which contains a specially crafted Dynamic Link...

Microsoft PowerPoint OfficeArt Shape Remote Code Execution (MS11-094; CVE-2011-3413)

A remote code execution vulnerability has been reported in Microsoft PowerPoint. The vulnerability is due to memory corruption in PowerPoint while reading an invalid record in a specially crafted PowerPoint file. A remote attacker may exploit this vulnerability by convincing a target user to open...

Microsoft PowerPoint OfficeArt Shape CVE-2011-3413 Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Technologies Affected Microsoft Office 2008 for Mac Microsoft Office Compatibility Pack 2007...

Microsoft PowerPoint Insecure Library Loading (MS11-094; CVE-2011-3396)

A remote code execution vulnerability has been reported in Microsoft PowerPoint. The vulnerability is due to an error in the way Microsoft PowerPoint restricts the path used for loading external libraries. A remote attacker could exploit this vulnerability by enticing a user to open a legitimate...

MS11-094: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)

The remote Windows host has a version of Microsoft PowerPoint that is affected by multiple vulnerabilities : - The application insecurely restricts the path used for loading external DLL files. This could lead to arbitrary code execution. CVE-2011-3396 - The application could cause memory to be...

Microsoft Office Graph DataFormat Signed Index Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft PowerPoint .dll Insecure Library Loading (MS11-073; CVE-2011-1980)

The vulnerability is due to insecure library loading issue in Microsoft PowerPoint. A remote attacker could trigger this flaw by convincing a victim to open a specially crafted PowerPoint file. Successful exploitation of this issue may allow execution of arbitrary code on a vulnerable system...