Executive Summary
Summary | |
---|---|
Title | Microsoft Office PowerPoint code execution vulnerability |
Informations | |||
---|---|---|---|
Name | VU#627331 | First vendor Publication | 2009-04-03 |
Vendor | VU-CERT | Last vendor Modification | 2009-04-03 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#627331Microsoft Office PowerPoint code execution vulnerabilityOverviewMicrosoft PowerPoint contains a vulnerability. If exploited, this vulnerability could allow an attacker to execute code.I. DescriptionMicrosoft Powerpoint is a component of Microsoft Office. Per Microsoft Security Advisory 969136:The vulnerability is caused when Microsoft Office PowerPoint accesses an invalid object in memory when parsing a specially crafted PowerPoint file. This creates a condition that allows the attacker to execute arbitrary code. The advisory also states that Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, and Microsoft Office 2004 for Mac are affected. II. ImpactA remote attacker may be able to execute code with the privileges of the user running PowerPoint.III. SolutionWe are currently unaware of solution to this problem. Until updates are available, users are encouraged to use the below workarounds.
References
Information from Microsoft Security Advisory 969136 was used in this report. This document was written by Ryan Giobbi.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/627331 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6204 | |||
Oval ID: | oval:org.mitre.oval:def:6204 | ||
Title: | MS PowerPoint File Parsing Remote Code Execution Vulnerability | ||
Description: | Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value that triggers memory corruption, as exploited in the wild in April 2009 by Exploit:Win32/Apptom.gen, aka "Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0556 | Version: | 2 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft PowerPoint 2000 Microsoft PowerPoint 2002 Microsoft PowerPoint 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6279 | |||
Oval ID: | oval:org.mitre.oval:def:6279 | ||
Title: | Memory Corruption Vulnerability | ||
Description: | Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value that triggers memory corruption, as exploited in the wild in April 2009 by Exploit:Win32/Apptom.gen, aka "Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0556 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Office PowerPoint 2000 Service Pack 3 Microsoft Office PowerPoint 2002 Service Pack 3 Microsoft Office PowerPoint 2003 Service Pack 3 |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 3 |
SAINT Exploits
Description | Link |
---|---|
Microsoft PowerPoint invalid object reference vulnerability | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2009-06-05 | Name : Ubuntu USN-771-1 (libmodplug) File : nvt/ubuntu_771_1.nasl |
2009-06-05 | Name : Ubuntu USN-772-1 (mpfr) File : nvt/ubuntu_772_1.nasl |
2009-06-05 | Name : Ubuntu USN-773-1 (pango1.0) File : nvt/ubuntu_773_1.nasl |
2009-06-05 | Name : Ubuntu USN-774-1 (moin) File : nvt/ubuntu_774_1.nasl |
2009-04-07 | Name : Microsoft PowerPoint File Parsing Remote Code Execution Vulnerability (967340) File : nvt/gb_ms_powerpoint_code_exec_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
54391 | Microsoft Office PowerPoint OutlineTextRefAtom Parsing Memory Corruption Arbi... |
53182 | Microsoft Office PowerPoint PPT File Handling Unspecified Code Execution |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-05-14 | IAVM : 2009-A-0039 - Multiple Vulnerabilities in Microsoft Office PowerPoint Severity : Category I - VMSKEY : V0019159 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-02-25 | Microsoft Office PowerPoint malformed msofbtTextbox exploit attempt RuleID : 41414 - Revision : 1 - Type : FILE-OFFICE |
2017-02-25 | Microsoft Office PowerPoint malformed msofbtTextbox exploit attempt RuleID : 41413 - Revision : 1 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office PowerPoint malformed msofbtTextbox exploit attempt RuleID : 15454 - Revision : 12 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-05-13 | Name : Arbitrary code can be executed on the remote host through Microsoft PowerPoint. File : smb_nt_ms09-017.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:08:03 |
|
2013-05-11 00:57:15 |
|