MS06-028: PowerPoint malformed record / Remote Code Execution

Published: 2006-06-13
Last Updated: 2006-06-13 18:08:49 UTC
by John Bambenek (Version: 1)
0 comment(s)
MS06-028 - KB 916768

Vulnerable: Office 2000, XP, 2003 for Windows and Office v.X and Office 2004 for Mac (yes, this vulnerability is present on Mac systems)

This vulnerability affects PowerPoint documents and allows for remote code execution with the privileges of the logged in user.  A malicious PowerPoint document with a malformed record can corrupt system memory and be used to execute code.  This patch replaces MS06-010 for PowerPoint 2000.

An attacker would have to somehow convince a victim to open a malicious PowerPoint file to exploit this vulnerability (either by e-mail or web download, for instance).  If the user is logged in as administrator, an attacker would gain full control of the system.  Presumably, different malicious PowerPoint files would have to be created to exploit Windows and Mac (i.e. the same PowerPoint file would likely not be able to exploit both operating systems).

This patch is classified critical for PowerPoint 2000 only, and important for all other versions (including Mac).  This patch fixes the vulnerability detailed in CVE-2006-0022.  Users are advised to apply this patch if they use Microsoft PowerPoint.

John Bambenek -- University of Illinois
0 comment(s)


Diary Archives