Detections
Analytics

MS11-036: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2545814)

high Nessus Plugin ID 53859

Language:

Synopsis

Arbitrary code can be executed on the remote host through Microsoft PowerPoint.

Description

The remote Windows host has a version of Microsoft PowerPoint that is affected by multiple vulnerabilities that could lead to arbitrary code execution :

 - A memory corruption vulnerability exists due to the application's failure to properly handle memory during function calls while parsing a specially crafted PowerPoint file. (CVE-2011-1269)

 - A buffer overflow can be triggered when the application encounters a memory handling error while parsing a specially crafted PowerPoint file. (CVE-2011-1270)

If a remote attacker can trick a user into opening a malicious PowerPoint file using the affected install, either of these vulnerabilities could be leveraged to execute arbitrary code subject to the user's privileges.

Solution

Microsoft has released a set of patches for PowerPoint 2002, 2003, and 2007 as well as Office Compatibility Pack.

See Also

http://www.nessus.org/u?e5c52749

Plugin Details

Severity: High

ID: 53859

File Name: smb_nt_ms11-036.nasl

Version: 1.24

Type: local

Agent: windows

Published: 5/10/2011

Updated: 12/13/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:microsoft:office

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/10/2011

Vulnerability Publication Date: 5/10/2011

Reference Information

CVE: CVE-2011-1269, CVE-2011-1270

BID: 47699, 47700

MSFT: MS11-036

MSKB: 2535802, 2535812, 2535818, 2540162