ZDI-11-346 : Microsoft Office 2007 Office Art Shape Record Hierarchy Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-346 : Microsoft Office 2007 Office Art Shape Record Hierarchy Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-346 December 13, 2011 - -- CVE ID: CVE-2011-3413 - -- CVSS: 7.5,...

Microsoft PowerPoint OfficeArt远程代码执行漏洞(MS11-094)

BUGTRAQ ID: 50964 CVE ID: CVE-2011-3413 PowerPoint是一个由Microsoft公司开发的演示文稿程序，是Microsoft Office系统中的其中一个组件。它支持Microsoft WindowsApple的Mac OS X操作系统。 PowerPoint处理特制.ppt文件的方式中存在远程代码执行漏洞，成功利用后可允许攻击者以当前用户权限执行任意代码。 Microsoft Office 2008 for Mac Microsoft Office 2007 Microsoft PowerPoint 2007 临时解决方法：...

CVE-2011-3413

CVE-2011-3413 affects Microsoft Office products including PowerPoint 2007 SP2, Office 2008 for Mac, Office Compatibility Pack SP2, and PowerPoint Viewer 2007 SP2. The root cause is improper handling of OfficeArt shape records in PowerPoint documents, leading to memory corruption that can enable r...

Microsoft PowerPoint OfficeArt Shape CVE-2011-3413 Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Technologies Affected Microsoft Office 2008 for Mac Microsoft Office Compatibility Pack 2007...

Microsoft PowerPoint OfficeArt Shape Remote Code Execution (MS11-094; CVE-2011-3413)

A remote code execution vulnerability has been reported in Microsoft PowerPoint. The vulnerability is due to memory corruption in PowerPoint while reading an invalid record in a specially crafted PowerPoint file. A remote attacker may exploit this vulnerability by convincing a target user to open...

MS11-089 / MS11-094 / MS11-096 : Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2590602 / 2639142 / 2640241) (Mac OS X)

The remote Mac OS X host is running a version of Microsoft Office that is affected by the following vulnerabilities : - A use-after-free vulnerability could be triggered when reading a specially crafted Word file. CVE-2011-1983 - A memory corruption vulnerability could be triggered when reading a...

MS11-094: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)

The remote Windows host has a version of Microsoft PowerPoint that is affected by multiple vulnerabilities : - The application insecurely restricts the path used for loading external DLL files. This could lead to arbitrary code execution. CVE-2011-3396 - The application could cause memory to be...