iDefense Security Advisory 08.12.08 - Remote exploitation of an out of boundary array index vulnerability in Microsoft Corp.'s PowerPoint Viewer 2003 could allow an attacker to execute arbitrary code in the context of the user running the application. This vulnerability specifically exists in PowerPoint Viewer 2003 when handling certain records in a PowerPoint presentation file. In some circumstances, an array index can be directly controlled by data from within the PowerPoint presentation file. Thus, a function pointer can be directly controlled by the attacker and leveraged for arbitrary code execution. iDefense has confirmed that pptview.exe file version 11.0.5703.0 is vulnerable. Previous versions are also likely to be affected.
fdbaba262f38504a718a7a20bdfe67eb45165704219047a0a47f08f9c4936860
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed