Intrusion Prevention

MS.PowerPoint.Parsing.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Microsoft PowerPoint.
The vulnerability exists because of the way that Microsoft PowerPoint parses the PowerPoint file format when opening a specially crafted PowerPoint 95 file. It allows a remote attacker to execute arbitrary code via sending a crafted malicious PowerPoint 95 file.

Affected Products

Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office 2004 for Mac
Microsoft PowerPoint Viewer Service Pack 2

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch supplied by the vendor:
http://www.microsoft.com/technet/security/Bulletin/ms10-088.mspx

CVE References

CVE-2010-2572