Full Disclosure mailing list archives
Vulnerable function in newest PowerPoint case (MS Advisory #925984)
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Fri, 6 Oct 2006 02:31:33 +0300 (EEST)
This PowerPoint vulnerability is described at Microsoft Security Advisory #925984 http://www.microsoft.com/technet/security/advisory/925984.mspx It appears that the vulnerability is due to errors when executing VB script SlideShowWindows.View.GotoNamedShow () automatically inside a PowerPoint presentation. Information about the existence of related exploit code listed as NamedShows stack overwrite issue is public too. The author and origin of the exploit code is not currently known. Microsoft is reportedly working on a fix and Security Bulletin Advance Notification Program reported about four upcoming October security bulletins affecting Microsoft Office recently. - Juha-Matti _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Vulnerable function in newest PowerPoint case (MS Advisory #925984) Juha-Matti Laurio (Oct 05)