New Search

Legacy File Format Vulnerability

oval:org.mitre.oval:def:5610

Multiple stack-based buffer overflows in the PowerPoint 4.0 importer (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3 2002 SP3 and 2003 SP3 allow remote attackers to execute arbitrary code via crafted formatting data for paragraphs in a file that uses a PowerPoint 4.0 native file format related to (1) an incorrect calculation from a record header or (2) an interget that is used to specify the number of bytes to copy aka "Legacy File Format Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows XP
  • Microsoft Windows Vista
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2009-0220
Product(s):
  • Microsoft Office PowerPoint 2002 Service Pack 3
  • Microsoft Office PowerPoint 2003 Service Pack 3
  • Microsoft Office PowerPoint 2000 Service Pack 3