9 matches found
Microsoft PowerPoint OEPlaceholderAtom记录无效数组索引漏洞(MS10-004)
BUGTRAQ ID: 38103 CVE ID: CVE-2010-0031 Microsoft PowerPoint是微软Office套件中的文档演示工具。 PowerPoint处理特制PPT文件OEPlaceholderAtom记录中的placementId字段值时存在数组索引漏洞,成功利用此漏洞的攻击者可完全控制受影响的系统。 OEPlaceholderAtom记录类型用于为幻灯片的图片、文本等对象创建占位符。如果用户提供的值大于数组大小,就可以用固定的值破坏数组边界外的栈内存。通过覆盖关键结构(如保存的返回地址),就可以导致执行任意代码。 Microsoft Office 20...
Microsoft PowerPoint "OEPlaceholderAtom" record vulnerability
No description provided by source. iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see...
Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption
Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...
iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Invalid Array Indexing Vulnerability
iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see the vendor's site found at the...
Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption
Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...
Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption
Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...
Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption
Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...
CVE-2010-0031
CVE-2010-0031: An error in parsing the OEPlaceholderAtom record (placementId) in PowerPoint components allows remote code execution via a crafted PowerPoint file. Affected products include Microsoft Office PowerPoint 2002 SP3, 2003 SP3, and PowerPoint in Office 2004 for Mac. The vulnerability ste...
MS10-004: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
The remote Windows host is running a version of Microsoft PowerPoint that is affected by several vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted PowerPoint file, these issues could be leveraged to execute arbitrary code subject to the user's...