Skip to main content

Microsoft Office PowerPoint Remote Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 3 Apr 2009 5174 Views

RISK: Medium Risk

A vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file.


Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Office 2000 Service Pack 3
    - Microsoft Office PowerPoint 2000 Service Pack 3
  • Microsoft Office XP Service Pack 3
    - Microsoft Office PowerPoint 2002 Service Pack 3
  • Microsoft Office 2003 Service Pack 3
    - Microsoft Office PowerPoint 2003 Service Pack 3
  • Microsoft Office 2004 for Mac

Solutions

Note: There is no patch available for this vulnerability currently.

Workaround:
It is recommended to use MOICE (Microsoft Office Isolated Conversion Environment) for opening untrusted Office documents and/or using Microsoft Office File Block policy to block the opening of Office 2003 and earlier documents.


Vulnerability Identifier


Source


Related Link