CVE-2008-0121

Name of the Vulnerable Software and Affected Versions Microsoft PowerPoint Viewer 2003

Description A memory calculation error in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with an invalid picture index that triggers memory corruption. This issue is related to the way Microsoft Office PowerPoint Viewer 2003 handles specially crafted PowerPoint files. An attacker could exploit this by creating a specially crafted PowerPoint file that could be included as an e-mail attachment or hosted on a specially crafted or compromised Web site. If successfully exploited, an attacker could take complete control of an affected system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact is more significant for users with administrative user rights.

Recommendations For Microsoft PowerPoint Viewer 2003, update to a version that includes the fix for the memory calculation error to prevent exploitation.