SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Microsoft PowerPoint Vendors:   Microsoft
Microsoft PowerPoint Bug Causes PowerPoint to Crash
SecurityTracker Alert ID:  1017059
SecurityTracker URL:  http://securitytracker.com/id/1017059
CVE Reference:   CVE-2006-5296   (Links to External Site)
Updated:  Nov 13 2006
Original Entry Date:  Oct 13 2006
Impact:   Denial of service via network
Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 2003
Description:   A vulnerability was reported in Microsoft PowerPoint. A remote user can cause the PowerPoint application to crash on the target user's system.

A remote user can create a specially crafted PowerPoint file that, when loaded by the target user, will cause the PowerPoint application to crash.

This was originally reported (with release of proof-of-concept exploit code by Nanika) as potentially allowing arbitrary code to be executed on the target system.

On November 11, 2006, Microsoft reported that this vulnerability is a null pointer reference, does not allow remote code execution, and is considered a crash bug rather than a security bug.

Impact:   A remote user can create a file that, when loaded by the target user, will cause the target user's PowerPoint application to crash.
Solution:   On November 11, 2006, Microsoft reported that this vulnerability does not allow remote code execution and is considered a crash bug rather than a security bug.

No solution was available at the time of this entry. Microsoft plans to issue a fix in the "next available ship vehicle for PowerPoint."

The Microsoft blog entries are available at:

http://blogs.technet.com/msrc/archive/2006/10/12/poc-published-for-ms-office-2003-powerpoint.aspx
http://blogs.technet.com/msrc/archive/2006/11/10/follow-up-information-on-weblog-posting-about-poc-published-for-ms-office-2003-powerpoint.aspx

Vendor URL:  blogs.technet.com/msrc/archive/2006/11/10/follow-up-information-on-weblog-posting-about-poc-published-for-ms-office-2003-powerpoint.aspx (Links to External Site)
Cause:   State error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC