Release DateNov 22, 2006 |
Severitycritical |
ImpactSystem compromise: remote code execution. |
DescriptionThis indicates an attempt to exploit a remote code execution vulnerability in Microsoft PowerPoint.The vulnerability can be exploited via a crafted ".ppt" file with a malformed "NamedShows" record. As a result a remote attacker can execute arbitrary code on a vulnerable system with the privileges of the PowerPoint user. This vulnerability is exploited by the PPDropper.F and Exploit-PPT.d malware. |
Affected ProductsMicrosoft PowerPoint 2000Microsoft PowerPoint 2002 Microsoft PowerPoint 2003 Microsoft PowerPoint 2004 for Mac Microsoft PowerPoint 2004 v. X for Mac |
Recommended ActionsApply the following patch:http://www.microsoft.com/technet/security/bulletin/MS06-058.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-4694 |
Reference/shttp://www.securityfocus.com/bid/20226 (BugTraq)http://technet.microsoft.com/en-us/security/bulletin/MS06-058.mspx (MS-ID) |
