This application requires Javascript for optimal performance.

MS.PPT.Invalid.TimeColorBehaviorContainer.Remote.Code.Execution

Release Date Sep 20, 2011
Severity high
Impact System Compromise: Remote attackers can gain control of vulnerable systems.
Description This indicates an attack attempt to exploit a remote Code Execution vulnerability in Microsoft Powerpoint. The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious "PPT" file. A remote attacker may exploit this to execute arbitrary code via a crafted "PPT" file.
Affected Products Microsoft PowerPoint Web App Web App Microsoft PowerPoint Viewer 2007 SP2 Microsoft PowerPoint Viewer 2007 SP1 Microsoft PowerPoint Viewer 2007 Microsoft PowerPoint 2010 Microsoft PowerPoint 2007 SP2 Microsoft PowerPoint 2007 SP1 Microsoft PowerPoint 2007 Microsoft Open XML File Format Converter for Mac Microsoft Office Compatibility Pack 2007 SP2 Microsoft Office Compatibility Pack 2007 SP1 Microsoft Office Compatibility Pack 2007 Microsoft Office 2011 for Mac Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac
Recommended Actions Apply the latest update from the vendor. Microsoft Open XML File Format Converter for Mac Microsoft OpenXMLConverter119.dmg http://www.microsoft.com/downloads/details.aspx?FamilyID=0c323a12-6385-4666-ad39-a9516a8eda14 Microsoft Office 2008 for Mac Microsoft Office2008-1229UpdateEN.dmg http://www.microsoft.com/downloads/details.aspx?FamilyID=84dfe3f4-a2a1-47b9-8da1-29ae67230918 Microsoft Office 2004 for Mac Microsoft Office2004-1163UpdateEN.dmg http://www.microsoft.com/downloads/details.aspx?FamilyID=f756d836-6ab2-4adb-9dee-6cb523d7c1f5 Microsoft Office Compatibility Pack 2007 SP2 Microsoft Office2007-kb2464635-fullfile-x86-glb.exe http://www.microsoft.com/downloads/details.aspx?FamilyID=913efc28-7deb-47b8-8c22-8eb5fc2631e4 Microsoft PowerPoint 2007 SP2 Microsoft PowerPoint2007-KB2464594-fullfile-x86-glb.exe http://www.microsoft.com/downloads/details.aspx?familyid=6b2526fe-a061-4a17-992e-ac867bef130e Microsoft Office 2011 for Mac Microsoft Office2011-1410UpdateEN.dmg http://www.microsoft.com/downloads/details.aspx?FamilyID=ef1e612f-d8e3-4628-9fe4-ad136f0debd3 Microsoft PowerPoint Viewer 2007 SP2 Microsoft office2007-KB2464623-fullfile-x86-glb.exe http://www.microsoft.com/downloads/details.aspx?FamilyID=6e23d3c3-2944-42ea-80b3-0663af60d0f1 Microsoft PowerPoint 2010 Microsoft PowerPoint2010-kb2519975-fullfile-x86-glb.exe http://www.microsoft.com/downloads/details.aspx?familyid=549ca7f0-44bf-4965-a9d2-aa5e8dac2238 Microsoft PowerPoint2010-kb2519975-fullfile-x64-glb.exe http://www.microsoft.com/downloads/details.aspx?familyid=ef62deae-2b07-41c9-a4bf-b746566e59ee
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-2011-0655
Reference/s http://technet.microsoft.com/en-us/security/bulletin/MS11-022.mspx (MS-ID) http://www.securityfocus.com/bid/47252 (BugTraq)

Reference: VID-29199

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

PGP Keys

Contact Form

Copyright © 2012 Fortinet Inc. All Rights Reserved