| VID |
26202 |
| Severity |
20 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (916768) for 'Remote Code Execution Vulnerability in Microsoft PowerPoint' has not been applied. This update resolves a newly discovered, public vulnerability in Microsoft PowerPoint that could allow an attacker to run arbitrary code on a user's system. Microsoft PowerPoint in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, Office 2004 for Mac, and v. X for Mac could allow a remote attacker to execute arbitrary code on the affected host, caused by a buffer overflow vulnerability in the handling of malformed records in a PowerPoint (.ppt) file. By convincing a user to open a specially-crafted .ppt file, an attacker could execute arbitrary code with the privileges of the user running PowerPoint. If the user is logged in with administrative privileges, the attacker could take complete control of a vulnerable system.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/ms06-028.mspx
http://www.kb.cert.org/vuls/id/190089
http://www.frsirt.com/english/advisories/2006/2325
http://secunia.com/advisories/20633
* Platforms Affected:
Microsoft PowerPoint 2000, 2002, 2003
Microsoft PowerPoint 2004 for Macintosh
Microsoft PowerPoint x for Macintosh
Microsoft Windows Any version |
| Recommendation |
Apply the appropriate patch (917336) for your system, as listed in Microsoft Security Bulletin MS06-028 at http://www.microsoft.com/technet/security/bulletin/ms06-028.mspx |
| Related URL |
CVE-2006-0004 (CVE) |
| Related URL |
16634 (SecurityFocus) |
| Related URL |
24490 (ISS) |
|
