Microsoft Office applications multiple security vulnerabilities updated since 10.02.2010
Published:		12.02.2010
Source:		MICROSOFT
SecurityVulns ID:		10602
Type:		client
Level:		7/10
Description:		Buffer overflow on Microsoft office files parsing, multiple memory corruptions on Microsoft PowerPoint fiels parsing.

Affected:		MICROSOFT : Office XP
		MICROSOFT : Office 2003
		MICROSOFT : Office 2004 for Mac
CVE:		CVE-2010-0243 (Buffer overflow in MSO.DLL in Microsoft Office XP SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Office document, aka "MSO.DLL Buffer Overflow.")
		CVE-2010-0034 (Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Office PowerPoint Viewer TextCharsAtom Record Stack Overflow Vulnerability.")
		CVE-2010-0033 (Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Viewer TextBytesAtom Record Stack Overflow Vulnerability.")
		CVE-2010-0032 (Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "OEPlaceholderAtom Use After Free Vulnerability.")
		CVE-2010-0031 (Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint OEPlaceholderAtom 'placementId' Invalid Array Indexing Vulnerability.")
		CVE-2010-0030 (Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint LinkedSlideAtom Heap Overflow Vulnerability.")
		CVE-2010-0029 (Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint File Path Handling Buffer Overflow Vulnerability.")

Original document		IDEFENSE, iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Invalid Array Indexing Vulnerability (12.02.2010)
		IDEFENSE, iDefense Security Advisory 02.09.10: Microsoft PowerPoint LinkedSlideAtom Heap Overflow Vulnerability (12.02.2010)
		IDEFENSE, iDefense Security Advisory 02.09.10: Microsoft PowerPoint OEPlaceholderAtom Use-After-Free Vulnerability (12.02.2010)
		SECUNIA, Secunia Research: Microsoft PowerPoint File Path Handling Buffer Overflow (10.02.2010)
		ZDI, ZDI-10-017: Microsoft Office PowerPoint Viewer TextBytesAtom Record Remote Code Execution Vulnerability (10.02.2010)
		ZDI, TPTI-10-02: Microsoft Office PowerPoint Viewer TextCharsAtom Record Code Execution Vulnerability (10.02.2010)
		CORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2009-0827: Microsoft Office Excel / Word OfficeArtSpgr Container Pointer Overwrite Vulnerability (10.02.2010)
		SECUNIA, Secunia Research: Microsoft PowerPoint File Path Handling Buffer Overflow (10.02.2010)
		MICROSOFT, Microsoft Security Bulletin MS10-004 - Important Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416) (10.02.2010)
		MICROSOFT, Microsoft Security Bulletin MS10-003 - Important Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214) (10.02.2010)

Files:		Microsoft Security Bulletin MS10-003 - Important Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214)
		Microsoft Security Bulletin MS10-004 - Important Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416)
Discuss:		Read or add your comments to this news (0 comments)