1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: MS PowerPoint TimeColorBehaviorContainer Record CVE-2011-0655

Attack: MS PowerPoint TimeColorBehaviorContainer Record CVE-2011-0655

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to a remote code execution vulnerability in Microsoft PowerPoint application.

Additional Information

Microsoft PowerPoint is a presentation application.

Microsoft PowerPoint is prone to a remote code-execution vulnerability caused by an error that occurs when processing a specially crafted PowerPoint file. Specifically, this occurs when validating an invalid 'TimeColorBehaviorContainer' floating point record in a malicious PowerPoint file.

An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will cause a denial-of-service condition.

Affected

  • N/A

Response

Vendor has released an advisory to fix this issue. Please visit the vendor's website for further details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube