Microsoft PowerPoint OEPlaceholderAtom Arbitrary Array Indexing - Ver2 (CVE-2010-0032)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. Multiple remote code execution vulnerabilities have been identified in Microsoft PowerPoint. The vulnerabilities are due to an invalid array indexing and to a use after free error in Microsoft PowerPoint...

Microsoft PowerPoint OEPlaceholderAtom Arbitrary Array Indexing (MS10-004) - Ver2 (CVE-2010-0031)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. Multiple remote code execution vulnerabilities have been identified in Microsoft PowerPoint. The vulnerabilities are due to an invalid array indexing and to a use after free error in Microsoft PowerPoint...

Microsoft PowerPoint OEPlaceholderAtom记录无效数组索引漏洞（MS10-004）

BUGTRAQ ID: 38103 CVE ID: CVE-2010-0031 Microsoft PowerPoint是微软Office套件中的文档演示工具。 PowerPoint处理特制PPT文件OEPlaceholderAtom记录中的placementId字段值时存在数组索引漏洞，成功利用此漏洞的攻击者可完全控制受影响的系统。 OEPlaceholderAtom记录类型用于为幻灯片的图片、文本等对象创建占位符。如果用户提供的值大于数组大小，就可以用固定的值破坏数组边界外的栈内存。通过覆盖关键结构（如保存的返回地址），就可以导致执行任意代码。 Microsoft Office 20...

Microsoft PowerPoint OEPlaceholderAtom记录释放后使用漏洞（MS10-004）

BUGTRAQ ID: 38104 CVE ID: CVE-2010-0032 Microsoft PowerPoint是微软Office套件中的文档演示工具。 PowerPoint处理特制PPT文件msofbtClientData容器中的OEPlaceholderAtom记录时存在释放后使用漏洞，成功利用此漏洞的攻击者可完全控制受影响的系统。 OEPlaceholderAtom记录类型用于为幻灯片的图片、文本等对象创建占位符。在解析msofbtClientData容器中的一系列 OEPlaceholderAtom记录时，就可能触发释放后使用漏洞，导致执行任意代码。 Microsoft...

Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption

Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...

Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption

Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...

Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption

Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...

iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Invalid Array Indexing Vulnerability

iDefense Security Advisory 02.09.10 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 09, 2010 I. BACKGROUND Microsoft PowerPoint is an application used for constructing presentations, and comes with the Microsoft Office suite. For more information, see the vendor's site found at the...

Design/Logic Flaw

Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "OEPlaceholderAtom Use After Free Vulnerability."...

CVE-2010-0032

Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "OEPlaceholderAtom Use After Free Vulnerability."...