CVE-2010-3142

Name of the Vulnerable Software and Affected Versions Microsoft Office PowerPoint version 2007

Description The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This can be achieved via a Trojan horse rpawinet.dll located in the same folder as certain file types, including .odp, .pothtml, .potm, .potx, .ppa, .ppam, .pps, .ppt, .ppthtml, .pptm, .pptxml, .pwz, .sldm, .sldx, and .thmx.

Recommendations For Microsoft Office PowerPoint 2007, consider removing or restricting access to the vulnerable rpawinet.dll file as a temporary workaround until a patch is available. Avoid opening files from untrusted sources, especially those that could be located in the same folder as a malicious dll, to minimize the risk of exploitation.