Recent vulnerabilities affecting PowerPoint:
MS06-010: Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167) CVE-2006-0004 CVSS base: 2.3 MS06-028: Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution (916768) CVE-2006-0022 CVSS base: 5.6 Microsoft PowerPoint Unspecified Code Execution Vulnerability CVE-2006-3590 CVSS base: 5.6 Vendor Announcements: http://www.microsoft.com/technet/security/advisory/922970.mspx http://blogs.technet.com/msrc/archive/2006/07/14/441893.aspx Patch is currently un-available Malcode exploiting this vulnerability has been identified, signatures are available. Aliases: Trojan.PPDropper.B, TROJ_MDROPPER.AS Microsoft PowerPoint Memory Corruption Vulnerabilities CVE-2006-3655 CVSS base: 5.6 Proof of concept code exists Patch is currently un-available CVE-2006-3656 CVSS base: 1.9 Proof of concept code exists Patch is currently un-available CVE-2006-3660 CVSS base: 5.6 Proof of concept code exists Patch is currently un-available These were reported on the Handler's Diary here: http://isc.sans.org/diary.php?storyid=1484 |
Kevin Liston 292 Posts ISC Handler Jul 22nd 2006 |
Thread locked Subscribe |
Jul 22nd 2006 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!