Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2008-09-10 |
| Product | Powerpoint Viewer | Last view | 2019-03-05 |
| Version | Type | ||
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2019-03-05 | CVE-2019-0540 | A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'. |
| 7.8 | 2018-12-11 | CVE-2018-8628 | A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server. |
| 8.8 | 2018-10-10 | CVE-2018-8501 | A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Office 365 ProPlus, PowerPoint Viewer, Microsoft Office, Microsoft PowerPoint. |
| 7.8 | 2018-10-10 | CVE-2018-8432 | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008. |
| 5.5 | 2018-10-10 | CVE-2018-8427 | An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer. |
| 7.8 | 2017-09-12 | CVE-2017-8742 | A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8743. |
| 7.8 | 2016-11-10 | CVE-2016-7230 | Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." |
| 7.8 | 2016-09-14 | CVE-2016-3360 | Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, PowerPoint 2013 RT SP1, PowerPoint 2016 for Mac, Office Compatibility Pack SP3, PowerPoint Viewer, SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." |
| 9.3 | 2015-05-13 | CVE-2015-1682 | Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2013 RT SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office for Mac 2011, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, PowerPoint Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, Office Web Apps Server 2013 SP1, SharePoint Foundation 2010 SP2, and SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." |
| 9.3 | 2011-12-13 | CVE-2011-3413 | Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an invalid OfficeArt record in a PowerPoint document, aka "OfficeArt Shape RCE Vulnerability." |
| 9.3 | 2011-04-13 | CVE-2011-0656 | Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate PersistDirectoryEntry records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Slide with a malformed record, which triggers an exception and later use of an unspecified method, aka "Persist Directory RCE Vulnerability." |
| 9.3 | 2011-04-13 | CVE-2011-0655 | Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate TimeColorBehaviorContainer Floating Point records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document containing an invalid record, aka "Floating Point Techno-color Time Bandit RCE Vulnerability." |
| 9.3 | 2010-11-09 | CVE-2010-2573 | Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Integer Underflow Causes Heap Corruption Vulnerability." |
| 9.3 | 2008-09-10 | CVE-2008-3013 | gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability." |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 36% (4) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 18% (2) | CWE-20 | Improper Input Validation |
| 9% (1) | CWE-601 | URL Redirection to Untrusted Site ('Open Redirect') |
| 9% (1) | CWE-399 | Resource Management Errors |
| 9% (1) | CWE-200 | Information Exposure |
| 9% (1) | CWE-189 | Numeric Errors |
| 9% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:5986 | GDI+ GIF Parsing Vulnerability |
| oval:org.mitre.oval:def:12122 | PowerPoint Integer Underflow Causes Heap Corruption Vulnerability |
| oval:org.mitre.oval:def:12624 | Floating Point Techno-color Time Bandit RCE Vulnerability |
| oval:org.mitre.oval:def:11761 | Persist Directory RCE Vulnerability |
| oval:org.mitre.oval:def:14581 | OfficeArt Shape RCE Vulnerability |
| oval:org.mitre.oval:def:28645 | Microsoft Office memory corruption vulnerability – CVE-2015-1682 (MS15-046) |
| oval:org.mitre.oval:def:28547 | Microsoft Office memory corruption vulnerability – CVE-2015-1682 (MS15-046) |
SAINT Exploits
| Description | Link |
|---|---|
| Microsoft PowerPoint Floating Point Techno-color Time Bandit vulnerability | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 77664 | Microsoft Office PowerPoint OfficeArt Shape Record PowerPoint File Handling R... |
| 71771 | Microsoft Office PowerPoint TimeColorBehaviorContainer (Techno-color Time Ban... |
| 71770 | Microsoft Office PowerPoint PersistDirectoryEntry Processing Remote Code Exec... |
| 69091 | Microsoft Office PowerPoint File Animation Node Parsing Underflow Heap Corrup... |
| 47967 | Microsoft Multiple Products GDI+ GIF Image Handling Arbitrary Code Execution |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-12-14 | Name : Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2639142) File : nvt/secpod_ms11-094.nasl |
| 2011-04-13 | Name : Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2489283) File : nvt/secpod_ms11-022.nasl |
| 2011-01-18 | Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593) File : nvt/gb_ms08-052.nasl |
| 2010-11-10 | Name : Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2293386) File : nvt/secpod_ms10-088.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0103 | Multiple Vulnerabilities in Microsoft Office Products (MS15-046) Severity: Category II - VMSKEY: V0060643 |
| 2011-A-0166 | Multiple Remote Code Execution Vulnerabilities in Microsoft Office PowerPoint Severity: Category II - VMSKEY: V0030831 |
| 2011-A-0047 | Multiple Vulnerabilities in Microsoft Office PowerPoint Severity: Category II - VMSKEY: V0026525 |
| 2008-T-0053 | WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability Severity: Category II - VMSKEY: V0017532 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-01-15 | Microsoft Office Powerpoint use after free attempt RuleID : 48602 - Type : FILE-OFFICE - Revision : 2 |
| 2019-01-15 | Microsoft Office Powerpoint use after free attempt RuleID : 48601 - Type : FILE-OFFICE - Revision : 2 |
| 2016-12-06 | Microsoft PowerPoint ntdll out of bounds read attempt RuleID : 40682 - Type : FILE-OFFICE - Revision : 2 |
| 2016-12-06 | Microsoft PowerPoint ntdll out of bounds read attempt RuleID : 40681 - Type : FILE-OFFICE - Revision : 2 |
| 2016-10-13 | Microsoft Office PowerPoint ppcore invalid pointer reference attempt RuleID : 40148 - Type : FILE-OFFICE - Revision : 3 |
| 2016-10-13 | Microsoft Office PowerPoint ppcore invalid pointer reference attempt RuleID : 40147 - Type : FILE-OFFICE - Revision : 3 |
| 2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37035 - Type : FILE-OFFICE - Revision : 2 |
| 2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37034 - Type : FILE-OFFICE - Revision : 2 |
| 2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37033 - Type : FILE-OFFICE - Revision : 2 |
| 2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37032 - Type : FILE-OFFICE - Revision : 2 |
| 2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37031 - Type : FILE-OFFICE - Revision : 2 |
| 2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37030 - Type : FILE-OFFICE - Revision : 2 |
| 2016-03-14 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 37029 - Type : FILE-OFFICE - Revision : 2 |
| 2015-09-03 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 35443 - Type : FILE-OFFICE - Revision : 3 |
| 2015-09-03 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 35442 - Type : FILE-OFFICE - Revision : 3 |
| 2015-09-03 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 35441 - Type : FILE-OFFICE - Revision : 3 |
| 2015-09-03 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 35440 - Type : FILE-OFFICE - Revision : 3 |
| 2015-06-17 | Microsoft Office Word incorrect ptCount element denial of service attempt RuleID : 34429 - Type : FILE-OFFICE - Revision : 4 |
| 2015-06-17 | Microsoft Office Word incorrect ptCount element denial of service attempt RuleID : 34428 - Type : FILE-OFFICE - Revision : 3 |
| 2014-01-10 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 25355 - Type : FILE-OFFICE - Revision : 11 |
| 2014-01-10 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 25354 - Type : FILE-OFFICE - Revision : 11 |
| 2014-01-10 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 25353 - Type : FILE-OFFICE - Revision : 11 |
| 2014-01-10 | Microsoft Office PowerPoint integer underflow heap corruption attempt RuleID : 25311 - Type : FILE-OFFICE - Revision : 5 |
| 2014-01-10 | Microsoft Office PowerPoint malformed record call to freed object attempt RuleID : 21647 - Type : FILE-OFFICE - Revision : 7 |
| 2014-01-10 | Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confu... RuleID : 20722 - Type : FILE-OFFICE - Revision : 21 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-12-13 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macos_ms18_dec_office.nasl - Type: ACT_GATHER_INFO |
| 2018-10-22 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macos_ms18_oct_office.nasl - Type: ACT_GATHER_INFO |
| 2017-09-13 | Name: An application installed on the remote Windows host is affected by multiple r... File: smb_nt_ms17_sep_office_web.nasl - Type: ACT_GATHER_INFO |
| 2017-09-12 | Name: The Microsoft Powerpoint Products are affected by multiple vulnerabilities. File: smb_nt_ms17_sep_powerpoint.nasl - Type: ACT_GATHER_INFO |
| 2017-09-12 | Name: The Microsoft Office Products are affected by multiple vulnerabilities. File: smb_nt_ms17_sep_office_viewers.nasl - Type: ACT_GATHER_INFO |
| 2017-09-12 | Name: The Microsoft Sharepoint Server installation on the remote host is affected b... File: smb_nt_ms17_sep_office_sharepoint.nasl - Type: ACT_GATHER_INFO |
| 2017-09-12 | Name: Microsoft Office Compatibility Pack SP3 is affected by multiple vulnerabilities. File: smb_nt_ms17_sep_office_compatibility.nasl - Type: ACT_GATHER_INFO |
| 2017-09-12 | Name: The Microsoft Office Products are affected by multiple vulnerabilities. File: smb_nt_ms17_sep_office.nasl - Type: ACT_GATHER_INFO |
| 2016-11-08 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: smb_nt_ms16-133.nasl - Type: ACT_GATHER_INFO |
| 2016-09-15 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms16-107_office.nasl - Type: ACT_GATHER_INFO |
| 2016-09-14 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: smb_nt_ms16-107.nasl - Type: ACT_GATHER_INFO |
| 2015-05-13 | Name: The remote host is affected by multiple remote code execution vulnerabilities. File: smb_nt_ms15-046.nasl - Type: ACT_GATHER_INFO |
| 2015-05-13 | Name: An application installed on the remote Mac OS X host is affected by a remote ... File: macosx_ms15-046_office_2011.nasl - Type: ACT_GATHER_INFO |
| 2011-12-13 | Name: Arbitrary code can be executed on the remote host through Microsoft PowerPoint. File: smb_nt_ms11-094.nasl - Type: ACT_GATHER_INFO |
| 2011-12-13 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms_office_dec2011.nasl - Type: ACT_GATHER_INFO |
| 2011-04-13 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms_office_apr2011.nasl - Type: ACT_GATHER_INFO |
| 2011-04-13 | Name: Arbitrary code can be executed on the remote host through Microsoft PowerPoint. File: smb_nt_ms11-022.nasl - Type: ACT_GATHER_INFO |
| 2010-11-09 | Name: Arbitrary code can be executed on the remote host through Microsoft PowerPoint. File: smb_nt_ms10-088.nasl - Type: ACT_GATHER_INFO |
| 2010-11-09 | Name: Arbitrary code can be executed on the remote host through Microsoft Office. File: smb_nt_ms10-087.nasl - Type: ACT_GATHER_INFO |
| 2008-09-10 | Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r... File: smb_nt_ms08-052.nasl - Type: ACT_GATHER_INFO |
