MS10-004 Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
Important - Remote Code Execution This security update resolves six privately reported vulnerabilities in Microsoft Office PowerPoint. The vulnerabilities could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Bulletin details at Microsoft.com
Bulletin details at Microsoft.com
Related CVE Entries
Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint File Path Handling Buffer Overflow Vulnerability."
Max CVSS
9.3
EPSS Score
89.91%
Published
2010-02-10
Updated
2018-10-12
Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint LinkedSlideAtom Heap Overflow Vulnerability."
Max CVSS
9.3
EPSS Score
89.91%
Published
2010-02-10
Updated
2018-10-12
Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint OEPlaceholderAtom 'placementId' Invalid Array Indexing Vulnerability."
Max CVSS
9.3
EPSS Score
88.61%
Published
2010-02-10
Updated
2018-10-12
Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "OEPlaceholderAtom Use After Free Vulnerability."
Max CVSS
9.3
EPSS Score
88.12%
Published
2010-02-10
Updated
2018-10-12
CVE-2010-0033
Public exploit
Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Viewer TextBytesAtom Record Stack Overflow Vulnerability."
Max CVSS
9.3
EPSS Score
96.69%
Published
2010-02-10
Updated
2018-10-12
Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Office PowerPoint Viewer TextCharsAtom Record Stack Overflow Vulnerability."
Max CVSS
9.3
EPSS Score
89.91%
Published
2010-02-10
Updated
2018-10-12