Summary
This host is missing a critical security update according to Microsoft Bulletin MS09-017.
Impact
Successful exploitation will let the attacker execute arbitrary codes, and can cause Memory Corruption, Integer Overflow and other attacks in the context of the application through crafting malicious codes inside a powerpoint file.
Impact Level: System
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
Insight
For more information about vulnerabilities on PowerPoint, go through the links mentioned in references.
Affected
MS PowerPoint 2000 Service Pack 3 and prior
MS PowerPoint 2002 Service Pack 3 and prior
MS PowerPoint 2003 Service Pack 3 and prior
MS PowerPoint 2007 Service Pack 2 and prior
MS PowerPoint Viewer 2003/2007
References
Severity
Classification
-
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Cumulative Security Update for Internet Explorer (958215)
- Flaw in Microsoft VM Could Allow Code Execution (810030)
- Cumulative Security Update for Internet Explorer (961260)
- Message Queuing Remote Code Execution Vulnerability (951071)
- Active Directory Could Allow Remote Code Execution Vulnerability (957280)