Microsoft PowerPoint Viewer picture index CString object integer overflow

Added: 09/19/2008
CVE: CVE-2008-0120
BID: 30552
OSVDB: 47406

Background

Microsoft PowerPoint Viewer 2003 is a free tool which allows viewing of Microsoft PowerPoint presentations without requiring Microsoft PowerPoint itself.

Problem

An integer overflow vulnerability in the handling of CString objects allows command execution when a user opens a PowerPoint file containing a malformed picture index.

Resolution

Install the update referenced in Microsoft Security Bulletin 08-051.

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=739

Limitations

Exploit works on Microsoft PowerPoint Viewer 2003 and requires a user to load the exploit file in the affected software.

This exploit might not succeed on Windows XP SP2 systems without some of the older patches.

Execution of the exploit requires the Compress-Zlib PERL module if the use compression option is enabled.

Platforms

Windows XP

Back to exploit index