Microsoft PowerPoint OfficeArt CVE-2011-3413 Remote Code Execution Vulnerability
BID:50964
Info
Microsoft PowerPoint OfficeArt CVE-2011-3413 Remote Code Execution Vulnerability
| Bugtraq ID: | 50964 |
| Class: | Unknown |
| CVE: |
CVE-2011-3413 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 13 2011 12:00AM |
| Updated: | Dec 13 2011 12:00AM |
| Credit: | An anonymous researcher, working with TippingPoint's Zero Day Initiative |
| Vulnerable: |
Microsoft PowerPoint Viewer 2007 SP2 Microsoft PowerPoint Viewer 2007 SP1 Microsoft PowerPoint Viewer 2007 0 Microsoft PowerPoint 2007 SP2 Microsoft PowerPoint 2007 SP1 Microsoft PowerPoint 2007 0 Microsoft PowerPoint 2007 SP3 Microsoft Office Compatibility Pack 2007 SP2 Microsoft Office Compatibility Pack 2007 SP1 Microsoft Office Compatibility Pack 2007 0 Microsoft Office 2008 for Mac 0 |
| Not Vulnerable: | |
Discussion
Microsoft PowerPoint OfficeArt CVE-2011-3413 Remote Code Execution Vulnerability
Microsoft PowerPoint is prone to a remote code-execution vulnerability.
An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user.
Microsoft PowerPoint is prone to a remote code-execution vulnerability.
An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user.
Exploit / POC
Microsoft PowerPoint OfficeArt CVE-2011-3413 Remote Code Execution Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Microsoft PowerPoint OfficeArt Shape CVE-2011-3413 Remote Code Execution Vulnerability
Solution:
The vendor has released an advisory and updates. Please see the references for details.
Microsoft Office 2008 for Mac 0
Microsoft Office Compatibility Pack 2007 SP2
Microsoft PowerPoint 2007 SP2
Microsoft PowerPoint Viewer 2007 SP2
Solution:
The vendor has released an advisory and updates. Please see the references for details.
Microsoft Office 2008 for Mac 0
-
Microsoft Microsoft Office 2008 for Mac 12.3.2 Update
http://www.microsoft.com/downloads/details.aspx?familyid=2c4d0381-f7ab -49ed-a0c0-b381387d1e68
Microsoft Office Compatibility Pack 2007 SP2
-
Microsoft Security Update for Microsoft Office PowerPoint 2007 (KB2596843)
http://www.microsoft.com/downloads/details.aspx?familyid=e799f654-7e2d -40c7-a3b8-32e44d1aa6ee
Microsoft PowerPoint 2007 SP2
-
Microsoft Security Update for Microsoft Office PowerPoint 2007 (KB2596764)
http://www.microsoft.com/downloads/details.aspx?familyid=d0c3156c-c87c -4d3e-aca2-3fab9ff78711
Microsoft PowerPoint Viewer 2007 SP2
-
Microsoft Security Update for Microsoft Office PowerPoint 2007 (KB2596912)
http://www.microsoft.com/downloads/details.aspx?familyid=4417592a-8db0 -4e35-9895-d589bc341077
References
Microsoft PowerPoint OfficeArt Shape CVE-2011-3413 Remote Code Execution Vulnerability
References:
References:
- Microsoft Homepage (Microsoft)
- Microsoft Office 2007 Office Art Shape Record Hierarchy Parsing Remote Code Exec (TippingPoint Zero Day Initiative)
- Microsoft PowerPoint Homepage (Microsoft)
- Microsoft Security Bulletin MS11-094 (Microsoft)