<< Back
CVE Number Vulnerability Product Severity Date
MS09-017 Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340) 2007 Microsoft Critical 13-05-2009

Technical Information

Brief overview of the risk:
This security update resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file.
Detailed Information on the risk:

A remote code execution vulnerability exists in the way that Microsoft Office PowerPoint handles specially crafted PowerPoint files. An attacker could exploit the vulnerability by creating a specially crafted PowerPoint file that could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site.


Further information on this exploit is available at : MS09-017

Affected Software

2007 Microsoft Office System Service Pack 1
2007 Microsoft Office System Service Pack 2
Microsoft Office 2000 Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
Microsoft Office XP Service Pack 3
Microsoft Works 8.5
Microsoft Works 9.0
Open XML File Format Converter for Mac
PowerPoint Viewer 2003
PowerPoint Viewer 2007 Service Pack 1 and PowerPoint Viewer 2007 Service Pack 2