Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption

Added: 02/12/2010
CVE: CVE-2010-0031
BID: 38103
OSVDB: 62237

Background

Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite.

Problem

A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an OEPlaceholderAtom record with a specially crafted placementId parameter.

Resolution

Apply the update referenced in Microsoft Security Bulletin 10-004.

References

http://www.microsoft.com/technet/security/bulletin/MS10-004.mspx

Limitations

Exploit works on Microsoft PowerPoint 2003 SP3 and requires a user to open the exploit file in Microsoft PowerPoint.

The exploit is not executed until the exploit file is closed.

This exploit requires the IO::Uncompress::Gunzip and Compress::Zlib PERL modules from CPAN.

Platforms

Windows

Back to exploit index