4 matches found
Microsoft PowerPoint OEPlaceholderAtom记录释放后使用漏洞(MS10-004)
BUGTRAQ ID: 38104 CVE ID: CVE-2010-0032 Microsoft PowerPoint是微软Office套件中的文档演示工具。 PowerPoint处理特制PPT文件msofbtClientData容器中的OEPlaceholderAtom记录时存在释放后使用漏洞,成功利用此漏洞的攻击者可完全控制受影响的系统。 OEPlaceholderAtom记录类型用于为幻灯片的图片、文本等对象创建占位符。在解析msofbtClientData容器中的一系列 OEPlaceholderAtom记录时,就可能触发释放后使用漏洞,导致执行任意代码。 Microsoft...
iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Use-After-Free Vulnerability
iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see the vendor's site found at the...
CVE-2010-0032
CVE-2010-0032 is a use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 triggered by parsing OEPlaceholderAtom records in a crafted PowerPoint file, allowing remote code execution. Public advisories (MS10-004) and vendor patches address the flaw; affected products inc...
MS10-004: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
The remote Windows host is running a version of Microsoft PowerPoint that is affected by several vulnerabilities. If an attacker can trick a user on the affected host into opening a specially crafted PowerPoint file, these issues could be leveraged to execute arbitrary code subject to the user's...