22 matches found
CVE-2010-2572
CVE-2010-2572 describes a remote code execution vulnerability in Microsoft PowerPoint 2002 SP3 and 2003 SP3 caused by an error in parsing PowerPoint 95 files (PowerPoint Parsing Buffer Overflow). The issue could allow an attacker to take complete control of an affected system by convincing a user...
CVE-2004-0200
CVE-2004-0200 is a buffer-overflow vulnerability in the JPEG parsing engine of Microsoft GDI+ (GDIPlus.dll). The flaw allows remote code execution when a specially crafted JPEG image is processed, with the attack vector involving JPEG data that is mis-sized during a memory copy. The vulnerability...
CVE-2006-3877
PowerPoint Malformed Record Memory Corruption Vulnerability (CVE-2006-3877) affects multiple Office suites. A remote code execution flaw exists when PowerPoint opens a specially crafted file with malformed records, allowing an attacker to gain full control of the affected system if the user runs ...
CVE-2010-2573
CVE-2010-2573 is a PowerPoint remote-code-execution vulnerability caused by an integer underflow while parsing PowerPoint files. Affected are Microsoft PowerPoint 2002 SP3, 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac. Microsoft’s MS10-088 security bulletin provides a patch for the vu...
CVE-2007-0671
CVE-2007-0671 is a remote-code-execution vulnerability in Microsoft Office Excel (affecting Excel 2000/XP/2003 and Mac equivalents) where a specially crafted Excel file can trigger arbitrary code execution. The vulnerability arises from improper handling/parsing of office records, enabling remote...
CVE-2009-0556
CVE-2009-0556 affects Microsoft Office PowerPoint (Windows and Mac) versions listed in the description. It is a memory corruption vulnerability triggered by a PowerPoint file containing an OutlineTextRefAtom with an invalid index, enabling remote code execution when a user opens the malicious fil...
CVE-2010-0031
CVE-2010-0031: An error in parsing the OEPlaceholderAtom record (placementId) in PowerPoint components allows remote code execution via a crafted PowerPoint file. Affected products include Microsoft Office PowerPoint 2002 SP3, 2003 SP3, and PowerPoint in Office 2004 for Mac. The vulnerability ste...
CVE-2010-0034
CVE-2010-0034 is a vulnerability in Microsoft PowerPoint handling of the TextCharsAtom record that enables a stack-based buffer overflow on PowerPoint 2003 SP3 and related viewers. The issue allows remote code execution when a user opens a specially crafted PowerPoint file; the vulnerable compone...
CVE-2006-3590
Microsoft PowerPoint Mso.dll Vulnerability (CVE-2006-3590) affects PowerPoint 2000–2003 where parsing a malformed shape container in a PPT file can lead to remote code execution. The underlying issue is memory corruption when PowerPoint processes a specially crafted file, potentially via email at...
CVE-2011-1269
CVE-2011-1269 affects Microsoft PowerPoint and related Office components on Windows and Mac (PowerPoint 2002/2003/2007; Office for Mac 2004/2008; Open XML Converter for Mac; Office Compatibility Pack). The root cause is unspecified function calls during file parsing that mishandle memory, leading...
CVE-2011-1270
CVE-2011-1270 is a concrete PowerPoint remote code execution vulnerability. Affected products: Microsoft PowerPoint 2002 SP3 and 2003 SP3. The issue is a buffer/memory corruption during parsing of PowerPoint files, specifically involving the RecolorInfo Atom, which can be triggered by crafting a ...
CVE-2010-0033
The CVE-2010-0033 entry maps to a stack-based buffer overflow in Microsoft PowerPoint Viewer (TextBytesAtom records) affecting PowerPoint Viewer with Office 2003 SP3 and earlier (and Office 2004 for Mac). The vulnerability allows remote code execution via a crafted PowerPoint document; multiple s...
CVE-2011-0656
Microsoft Office PowerPoint vulnerability CVE-2011-0656 arises from improper validation of PersistDirectoryEntry records in PowerPoint documents. A Slide containing a malformed record can trigger an exception and subsequent use of a malformed object, enabling remote code execution or memory corru...
CVE-2006-0022
CVE-2006-0022 describes a remote code execution vulnerability in Microsoft PowerPoint across multiple Office versions (2000 SP3, XP SP3, 2003 SP1/SP2, 2004 for Mac, and PowerPoint v. X for Mac) triggered by opening a PowerPoint document containing a malformed record. The root cause is memory corr...
CVE-2008-3068
Microsoft Crypto API 5.131.2600.2180 through 6.0 (used in Outlook, Windows Live Mail, and Office 2007) performs CRL checks by using an arbitrary URL from a certificate embedded in an S/MIME email or a signed document via the Authority Information Access (AIA) extension. This allows remote attacke...
CVE-2006-3449
CVE-2006-3449 describes a remote code execution in Microsoft PowerPoint 2000–2003 caused by parsing a malformed BIFF record in a PPT file. The vulnerability can be triggered when a user opens a crafted PPT document, potentially allowing attacker-controlled code execution in the user’s context (us...
CVE-2010-0032
CVE-2010-0032 is a use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 triggered by parsing OEPlaceholderAtom records in a crafted PowerPoint file, allowing remote code execution. Public advisories (MS10-004) and vendor patches address the flaw; affected products inc...
CVE-2010-0030
CVE-2010-0030 describes a remote code execution vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 caused by a heap-based buffer overflow in the LinkedSlideAtom handling. A crafted PowerPoint file could allow an attacker to take control of the affected system. The issue is part of...
CVE-2006-3656
CVE-2006-3656 describes a memory corruption vulnerability in Microsoft PowerPoint 2003 caused by parsing a crafted PowerPoint file. The underlying issue is a vulnerability in PowerPoint 2003 (mso.dll) where malformed records/POWERPOINT content are not adequately validated, leading to potential ar...
CVE-2006-5296
CVE-2006-5296 is a PowerPoint parsing vulnerability in Microsoft PowerPoint (Office era) where a crafted PowerPoint PPT file can trigger a remote code execution through improper parsing of PPT records. The connected advisory (MS06-058 family) and related CPAI entries describe memory corruption ri...
CVE-2006-3655
CVE-2006-3655, CVE-2006-3656, and related CVEs concern Microsoft PowerPoint 2003. The connected sources describe an attacker-assisted exploit via crafted PowerPoint files affecting PowerPoint 2003 (PowerPoint’s PowerPoint parsing/mso.dll and powerpnt.exe) that can lead to arbitrary code execution...
CVE-2006-3660
CVE-2006-3655, CVE-2006-3656, CVE-2006-3590 describe a family of remote-code-execution/memory-corruption vulnerabilities in Microsoft PowerPoint 2003 tied to PowerPoint files. Specifically, CVE-2006-3590 (PowerPoint Mso.dll) is triggered by parsing a malformed PowerPoint file, allowing arbitrary ...