(MS11-036) Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2545814)
Gravità: : Alto
Identificatori CVE: CVE-2011-1270
Data notifica: 11 maggio 2011
Descrizione
This security update resolves two reported vulnerabilities in Microsoft PowerPoint. The vulnerabilities allow remote code execution if a user opens a maliciously-crafted PowerPoint file. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. The update addresses the vulnerabilities by correcting the way that PowerPoint handles memory when parsing specially crafted PowerPoint files.
Informazioni esposizione:
For information on patches specific to the affected software, please proceed to the Microsoft Web page.
Software e versione interessati:
- Microsoft Office XP Service Pack 3
- Microsoft Office 2003 Service Pack 3
- Microsoft Office 2007 Service Pack 2
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Open XML File Format Converter for Mac
- Microsoft Office Compatibility Pack for Word
- Excel
- and PowerPoint 2007 File Formats Service Pack 2