Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:19144
HistoryFeb 20, 2010 - 12:00 a.m.

Microsoft PowerPoint OEPlaceholderAtom记录无效数组索引漏洞(MS10-004)

2010-02-2000:00:00
Root
www.seebug.org
12

0.914 High

EPSS

Percentile

98.6%

JSON

BUGTRAQ ID: 38103
CVE ID: CVE-2010-0031

Microsoft PowerPoint是微软Office套件中的文档演示工具。

PowerPoint处理特制PPT文件OEPlaceholderAtom记录中的placementId字段值时存在数组索引漏洞,成功利用此漏洞的攻击者可完全控制受影响的系统。

OEPlaceholderAtom记录类型用于为幻灯片的图片、文本等对象创建占位符。如果用户提供的值大于数组大小,就可以用固定的值破坏数组边界外的栈内存。通过覆盖关键结构(如保存的返回地址),就可以导致执行任意代码。

Microsoft Office 2004 for Mac
Microsoft PowerPoint 2003 SP3
Microsoft PowerPoint 2002 SP3
临时解决方法:

  • 使用Microsoft Office文件阻断策略以防止打开未知或不可信任来源的Office 2003及更早版本的文档。

  • 当打开来自未知来源或不可信来源的文件时使用Microsoft Office隔离转换环境(MOICE)。

厂商补丁:

Microsoft

Microsoft已经为此发布了一个安全公告(MS10-004)以及相应补丁:
MS10-004:Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
链接:http://www.microsoft.com/technet/security/Bulletin/MS10-004.mspx?pf=true

Related

seebug 1
prion 1
cvelist 1
cve 1
saint 4
securityvulns 3
checkpoint_advisories 2
nessus 2
openvas 2
seebug
seebug
Microsoft PowerPoint "OEPlaceholderAtom" record vulnerability
2010-02-13 00:00:00
prion
prion
Security feature bypass
2010-02-10 18:30:00
cvelist
cvelist
CVE-2010-0031
2010-02-10 18:00:00
cve
cve
CVE-2010-0031
2010-02-10 18:30:00
saint
saint
Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption
2010-02-12 00:00:00
Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption
2010-02-12 00:00:00
Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption
2010-02-12 00:00:00
securityvulns
securityvulns
iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Invalid Array Indexing Vulnerability
2010-02-12 00:00:00
Microsoft Security Bulletin MS10-004 - Important Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
2010-02-10 00:00:00
Microsoft Office applications multiple security vulnerabilities
2010-02-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft PowerPoint OEPlaceholderAtom Arbitrary Array Indexing (MS10-004) - Ver2 (CVE-2010-0031)
2014-03-03 00:00:00
Microsoft PowerPoint OEPlaceholderAtom Arbitrary Array Indexing (MS10-004; CVE-2010-0031; CVE-2010-0032)
2010-02-09 00:00:00
nessus
nessus
MS10-003 / MS10-004: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (978214 / 975416) (Mac OS X)
2010-10-20 00:00:00
MS10-004: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
2010-02-09 00:00:00
openvas
openvas
Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (975416)
2010-02-10 00:00:00
Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (975416)
2010-02-10 00:00:00

0.914 High

EPSS

Percentile

98.6%

JSON
Related for SSV:19144
seebug1prion1cvelist1cve1saint4securityvulns3checkpoint_advisories2nessus2openvas2