MS.PowerPoint.Malformed.Records.Remote.Code.Execution
Description
This indicates an attempt to exploit a remote Code Execution vulnerability in Microsoft PowerPoint.
The vulnerability can be exploited via a specially crafted ".PPT" file with malformed values in the "GenericDateMCAtom", "HeaderMCAtom" and "FooterMCAtom" records. It may allow a remote attacker to execute arbitrary code with the privileges of the victim, on a vulnerable system.
Affected Products
Microsoft PowerPoint 2000
Microsoft PowerPoint 2002
Microsoft PowerPoint 2003
Microsoft Office 2000
Microsoft Office XP
Microsoft Office 2003
Impact
System Compromise: Remote code execution.
Recommended Actions
Currently, we are not aware of any vendor supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |