Executive Summary

Informations
Name MS06-058 First vendor Publication 2006-10-10
Vendor Microsoft Last vendor Modification 2006-10-10
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924163)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-94 Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:220
 
Oval ID: oval:org.mitre.oval:def:220
Title: Microsoft PowerPoint Malformed Record Memory Corruption Vulnerability
Description: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.
Family: windows Class: vulnerability
Reference(s): CVE-2006-3877
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft PowerPoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:269
 
Oval ID: oval:org.mitre.oval:def:269
Title: Microsoft PowerPoint Malformed Record Vulnerability
Description: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office XP and Office 2003 allows user-assisted attackers to execute arbitrary code via a crafted record in a PPT file, as exploited by malware such as Exploit:Win32/Controlppt.W, Exploit:Win32/Controlppt.X, and Exploit-PPT.d/Trojan.PPDropper.F. NOTE: it has been reported that the attack vector involves SlideShowWindows.View.GotoNamedShow.
Family: windows Class: vulnerability
Reference(s): CVE-2006-4694
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft PowerPoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:453
 
Oval ID: oval:org.mitre.oval:def:453
Title: Microsoft PowerPoint Malformed Data Record Vulnerability
Description: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via a crafted Data record in a PPT file, a different vulnerability than CVE-2006-3435 and CVE-2006-4694.
Family: windows Class: vulnerability
Reference(s): CVE-2006-3876
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft PowerPoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:476
 
Oval ID: oval:org.mitre.oval:def:476
Title: Microsoft PowerPoint Malformed Object Pointer Vulnerability
Description: PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilities including CVE-2006-4694.
Family: windows Class: vulnerability
Reference(s): CVE-2006-3435
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft PowerPoint
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:568
 
Oval ID: oval:org.mitre.oval:def:568
Title: PowerPoint Malformed Record Memory Corruption Vulnerability
Description: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.
Family: windows Class: vulnerability
Reference(s): CVE-2006-3877
Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft Office
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3
Application 3
Application 1
Application 3
Application 1
Application 22
Application 1
Application 3
Application 4
Application 3
Application 3
Application 2
Application 3
Application 1

SAINT Exploits

Description Link
Microsoft PowerPoint NamedShows record code execution More info here
Microsoft PowerPoint malformed data record vulnerability More info here

Open Source Vulnerability Database (OSVDB)

Id Description
29448 Microsoft PowerPoint Crafted File Unspecified Code Execution

Microsoft PowerPoint contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when when a user opens a malicious PowerPoint PPT file. It is possible that the flaw may allow to execute code with the privileges of the user resulting in a loss of integrity. No further details have been provided.
29447 Microsoft PowerPoint Crafted PPT Data Record Code Execution

Microsoft PowerPoint contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when when a user opens a specially crafted PowerPoint PPT file. It is possible that the flaw may allow to execute code with the privileges of the user resulting in a loss of integrity.
29446 Microsoft PowerPoint Crafted PPT Object Pointer Code Execution

Microsoft PowerPoint contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when when a user opens a specially crafted PowerPoint PPT file with malicious data in the slide notes field. It is possible that the flaw may cause an erroneous object pointer calculation and, as a result, execution of code with the privileges of the user resulting in a loss of integrity.
29259 Microsoft PowerPoint PPT Unspecified Arbitrary Code Execution

Microsoft PowerPoint contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a user opens a malicious PowerPoint PPT file. It is possible that the flaw may allow execute arbitrary code with the privileges of the user resulting in a loss of integrity.

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Office PowerPoint malformed NamedShows record code execution attempt
RuleID : 17497 - Revision : 17 - Type : FILE-OFFICE
2014-01-10 Microsoft Office PowerPoint malformed NamedShows record code execution attempt
RuleID : 17496 - Revision : 17 - Type : FILE-OFFICE
2014-01-10 Microsoft Office PowerPoint malformed data record code execution attempt
RuleID : 17292 - Revision : 15 - Type : FILE-OFFICE

Nessus® Vulnerability Scanner

Date Description
2007-02-13 Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms_office_feb2006.nasl - Type : ACT_GATHER_INFO
2007-02-13 Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms07-015.nasl - Type : ACT_GATHER_INFO
2006-10-11 Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms_office_oct2006.nasl - Type : ACT_GATHER_INFO
2006-10-10 Name : Arbitrary code can be executed on the remote host through Microsoft PowerPoint.
File : smb_nt_ms06-058.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 11:45:30
  • Multiple Updates
2013-05-11 12:21:55
  • Multiple Updates