| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS11-022 | Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2489283) | Microsoft Office | Critical | 13-04-2011 |
Technical Information
Brief overview of the risk:
This security update resolves three privately reported vulnerabilities in Microsoft PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user.
Detailed Information on the risk:
A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint files. An attacker could exploit the vulnerability by creating a specially crafted PowerPoint file that could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site.
Further information on this exploit is available at : MS11-022
Affected Software
Microsoft Office XP Service Pack 3Microsoft PowerPoint 2002 Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft PowerPoint 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft PowerPoint 2007 Service Pack 2
Microsoft Office 2010 (32-bit editions)
Microsoft PowerPoint 2010 (32-bit editions)[1]
Microsoft Office 2010 (64-bit editions)
Microsoft PowerPoint 2010 (64-bit editions)[1]
Microsoft Office for Mac
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac