Description: Two vulnerabilities have been reported in Microsoft PowerPoint, which can be exploited by malicious people to compromise a user's system.
1) An error when parsing malformed records and can be exploited to corrupt memory and execute arbitrary code via a presentation containing a specially crafted record.
2) An error in mso.dll when parsing malformed shape containers can be exploited to cause a buffer overflow via a specially crafted presentation.
Successful exploitation allows execution of arbitrary code.
NOTE: This vulnerability is currently being exploited in the wild.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
Provided and/or discovered by: 1) The vendor credits SoWhat, Nevis Labs.
2) Discovered in the wild as a 0-day.
Changelog: 2006-07-15: Added link to MSRC.
2006-07-17: Added link to US-CERT. Added CVE reference.
2006-07-18: Added link to Microsoft advisory.
2006-08-08: Added additional information from Microsoft. Updated "Solution" section.
2006-08-09: Added link to US-CERT. Added additional information provided by Sowhat.
2006-08-10: Updated advisory.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.