<< Back
CVE Number Vulnerability Product Severity Date
MS11-094 Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142) Microsoft Office Important 14-12-2011

Technical Information

Brief overview of the risk:
The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited either of the vulnerabilities could take complete control of an affected system.
Detailed Information on the risk:

A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint files. An attacker could exploit the vulnerability by creating a specially crafted PowerPoint file that could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site.

Further information on this exploit is available at : MS11-094

Affected Software

Microsoft Office 2007 Service Pack 2
Microsoft Office 2010 (32-bit editions)
Microsoft Office 2010 (64-bit editions)
Microsoft Office 2008 for Mac (KB2644354)
Microsoft PowerPoint Viewer 2007 Service Pack 2 (KB2596912)