Content
(MS10-004) Microsoft Office PowerPoint LinkedSlideAtom Heap Overflow Vulnerability (975416)
- Type
- Logic error
- Impact of exploitation
- Remote Code Execution
- User Interaction
- no user interaction is needed
- Attack Vector
- Maliciously Crafted File
- Rating
- Medium
- CVE reference
- CVE-2010-0030,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Powerpoint 2002 SP3,
- Powerpoint 2003 SP3,
- Summary
- A heap overflow vulnerability exists in Microsoft's PowerPoint that could allow an attacker to remotely execute code.
Tab Navigation
Description
Microsoft PowerPoint is a component of Microsoft's Office Suite, used on Windows systems. Microsoft Windows is an industry standard operating system. A heap overflow vulnerability exists in Microsoft's PowerPoint that could allow an attacker to remotely execute code. Specifically, the vulnerability is in the way that PowerPoint handles specially crafted PowerPoint files. Successful exploitation of the vulnerability could allow an attacker to take complete control of an affected system.
McAfee Product Mitigation & Recommendations
Recommendations
The vendor has released an update to address this issue. http://www.microsoft.com/technet/security/bulletin/ms10-004.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS10-004) Microsoft Office PowerPoint LinkedSlideAtom Heap Overflow Vulnerability (975416)
- Signature identifier:
- 7872
- Release date:
- 2/9/2010
Additional Resources
(MS10-004) Microsoft Office PowerPoint LinkedSlideAtom Heap Overflow Vulnerability (975416)
http://www.microsoft.com/technet/security/bulletin/ms10-004.mspx
All Information
Timeline -
2/9/2010
Vendor has provided a patch.
Description -
Microsoft PowerPoint is a component of Microsoft's Office Suite, used on Windows systems. Microsoft Windows is an industry standard operating system. A heap overflow vulnerability exists in Microsoft's PowerPoint that could allow an attacker to remotely execute code. Specifically, the vulnerability is in the way that PowerPoint handles specially crafted PowerPoint files. Successful exploitation of the vulnerability could allow an attacker to take complete control of an affected system.
McAfee Product Mitigation & Recommendations
Recommendations -
The vendor has released an update to address this issue. http://www.microsoft.com/technet/security/bulletin/ms10-004.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS10-004) Microsoft Office PowerPoint LinkedSlideAtom Heap Overflow Vulnerability (975416)
- Signature identifier:
- 7872
- Release date:
- 2/9/2010
Additional Resources
Additional Resources -
(MS10-004) Microsoft Office PowerPoint LinkedSlideAtom Heap Overflow Vulnerability (975416)
http://www.microsoft.com/technet/security/bulletin/ms10-004.mspx
