Intrusion Prevention

MS.PowerPoint.CurrentUserAtom.Remote.Code.Execution

Description

This indicates an attack attempt against a stack-based buffer overflow vulnerability in Microsoft PowerPoint.
The vulnerability exists in the way that PowerPoint handles a specially crafted record in PowerPoint files. It may lead to arbitrary code execution.

Affected Products

PowerPoint 2000

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx

CVE References

CVE-2009-1131