18 matches found
CVE-2010-2572
CVE-2010-2572 describes a remote code execution vulnerability in Microsoft PowerPoint 2002 SP3 and 2003 SP3 caused by an error in parsing PowerPoint 95 files (PowerPoint Parsing Buffer Overflow). The issue could allow an attacker to take complete control of an affected system by convincing a user...
CVE-2004-0200
CVE-2004-0200 is a buffer-overflow vulnerability in the JPEG parsing engine of Microsoft GDI+ (GDIPlus.dll). The flaw allows remote code execution when a specially crafted JPEG image is processed, with the attack vector involving JPEG data that is mis-sized during a memory copy. The vulnerability...
CVE-2006-3877
PowerPoint Malformed Record Memory Corruption Vulnerability (CVE-2006-3877) affects multiple Office suites. A remote code execution flaw exists when PowerPoint opens a specially crafted file with malformed records, allowing an attacker to gain full control of the affected system if the user runs ...
CVE-2010-2573
CVE-2010-2573 is a PowerPoint remote-code-execution vulnerability caused by an integer underflow while parsing PowerPoint files. Affected are Microsoft PowerPoint 2002 SP3, 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac. Microsoft’s MS10-088 security bulletin provides a patch for the vu...
CVE-2007-0671
CVE-2007-0671 is a remote-code-execution vulnerability in Microsoft Office Excel (affecting Excel 2000/XP/2003 and Mac equivalents) where a specially crafted Excel file can trigger arbitrary code execution. The vulnerability arises from improper handling/parsing of office records, enabling remote...
CVE-2009-0556
CVE-2009-0556 affects Microsoft Office PowerPoint (Windows and Mac) versions listed in the description. It is a memory corruption vulnerability triggered by a PowerPoint file containing an OutlineTextRefAtom with an invalid index, enabling remote code execution when a user opens the malicious fil...
CVE-2004-0848
CVE-2004-0848 corresponds to a buffer overflow in Microsoft Office XP that can allow remote code execution via specially crafted HTML links referencing URL file locations. Connected advisories detail that the overflow occurs in the Office process handling URL file references, enabling arbitrary c...
CVE-2010-0031
CVE-2010-0031: An error in parsing the OEPlaceholderAtom record (placementId) in PowerPoint components allows remote code execution via a crafted PowerPoint file. Affected products include Microsoft Office PowerPoint 2002 SP3, 2003 SP3, and PowerPoint in Office 2004 for Mac. The vulnerability ste...
CVE-2006-3590
Microsoft PowerPoint Mso.dll Vulnerability (CVE-2006-3590) affects PowerPoint 2000–2003 where parsing a malformed shape container in a PPT file can lead to remote code execution. The underlying issue is memory corruption when PowerPoint processes a specially crafted file, potentially via email at...
CVE-2011-1269
CVE-2011-1269 affects Microsoft PowerPoint and related Office components on Windows and Mac (PowerPoint 2002/2003/2007; Office for Mac 2004/2008; Open XML Converter for Mac; Office Compatibility Pack). The root cause is unspecified function calls during file parsing that mishandle memory, leading...
CVE-2011-1270
CVE-2011-1270 is a concrete PowerPoint remote code execution vulnerability. Affected products: Microsoft PowerPoint 2002 SP3 and 2003 SP3. The issue is a buffer/memory corruption during parsing of PowerPoint files, specifically involving the RecolorInfo Atom, which can be triggered by crafting a ...
CVE-2006-0022
CVE-2006-0022 describes a remote code execution vulnerability in Microsoft PowerPoint across multiple Office versions (2000 SP3, XP SP3, 2003 SP1/SP2, 2004 for Mac, and PowerPoint v. X for Mac) triggered by opening a PowerPoint document containing a malformed record. The root cause is memory corr...
CVE-2011-0656
Microsoft Office PowerPoint vulnerability CVE-2011-0656 arises from improper validation of PersistDirectoryEntry records in PowerPoint documents. A Slide containing a malformed record can trigger an exception and subsequent use of a malformed object, enabling remote code execution or memory corru...
CVE-2010-0032
CVE-2010-0032 is a use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 triggered by parsing OEPlaceholderAtom records in a crafted PowerPoint file, allowing remote code execution. Public advisories (MS10-004) and vendor patches address the flaw; affected products inc...
CVE-2006-3449
CVE-2006-3449 describes a remote code execution in Microsoft PowerPoint 2000–2003 caused by parsing a malformed BIFF record in a PPT file. The vulnerability can be triggered when a user opens a crafted PPT document, potentially allowing attacker-controlled code execution in the user’s context (us...
CVE-2010-0029
CVE-2010-0029 is a remote-code-execution vulnerability in Microsoft Office PowerPoint 2002 SP3 caused by a buffer/stack overflow when parsing crafted PowerPoint files (PowerPoint File Path Handling Buffer Overflow). The connected reports confirm this is part of a family of PowerPoint vulnerabilit...
CVE-2010-0030
CVE-2010-0030 describes a remote code execution vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 caused by a heap-based buffer overflow in the LinkedSlideAtom handling. A crafted PowerPoint file could allow an attacker to take control of the affected system. The issue is part of...
CVE-2001-0718
The CVE-2001-0718 issue affects Microsoft Excel and PowerPoint (across Windows and Macintosh releases up to 2002). Affected components are the macro handling/data stream processing; attackers can bypass macro restrictions by modifying the document data stream, enabling arbitrary code execution wh...