| VID |
26367 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (MS08-051, 949785) for 'Remote Code Execution Vulnerabilities in Microsoft PowerPoint' has not been applied. Microsoft PowerPoint 2000, 2002, 2003, and 2007 could allow a remote attacker to execute arbitrary code, caused by the following vulnerabilities:
- PowerPoint Memory Allocation Vulnerability (CVE-2008-0120)
- PowerPoint Memory Calculation Vulnerability (CVE-2008-0121)
- PowerPoint Parsing Overflow Vulnerability (CVE-2008-1455)
By constructing a specially crafted PPT file, a remote attacker could potentially execute arbitrary code if a user visited a Web site or viewed a specially crafted e-mail message. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx
* Platforms Affected:
Microsoft Office 2004 Mac OS
Microsoft Office Compatibility Pack 2007 SP1
Microsoft Office Compatibility Pack 2007
Microsoft PowerPoint 2000 SP3
Microsoft PowerPoint 2002 SP3
Microsoft PowerPoint 2003 SP3
Microsoft PowerPoint 2007 SP1
Microsoft PowerPoint Viewer 2003
Apple Mac OS Any version
Microsoft Windows Any version |
| Recommendation |
Apply the appropriate patch (949785) for your system, as listed in Microsoft Security Bulletin MS08-051 at http://www.microsoft.com/technet/security/bulletin/ms08-051.mspx |
| Related URL |
CVE-2006-3435,CVE-2006-3876,CVE-2006-3877,CVE-2006-4694 (CVE) |
| Related URL |
20325,20322,20304 (SecurityFocus) |
| Related URL |
29225,29232,29233,29234 (ISS) |
|
