CVE-2011-3413

Name of the Vulnerable Software and Affected Versions Microsoft PowerPoint versions 2007 SP2 Office 2008 for Mac Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats versions SP2 PowerPoint Viewer versions 2007 SP2

Description A remote code execution issue exists due to the way Microsoft PowerPoint handles specially crafted PowerPoint files. This could allow an attacker to execute arbitrary code or cause a denial of service via memory corruption by including an invalid OfficeArt record in a PowerPoint document. An attacker could exploit this by creating a specially crafted PowerPoint file that could be included as an e-mail attachment or hosted on a specially crafted or compromised web site.

Recommendations For Microsoft PowerPoint 2007 SP2, update to a version that includes the fix for this issue. For Office 2008 for Mac, apply the recommended patch or update to a newer version. For Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2, update to a version that includes the fix for this issue. For PowerPoint Viewer 2007 SP2, update to a version that includes the fix for this issue.