PT-2011-2533 · Microsoft · Office For Mac+5
Published: 2011-04-12 · Updated: 2018-10-12 · CVE-2011-0655
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Microsoft PowerPoint versions 2007 SP2 and 2010
Office for Mac versions 2004, 2008, and 2011
Open XML File Format Converter for Mac
Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2
PowerPoint Viewer
PowerPoint Viewer 2007 SP2
PowerPoint Web App
Description
The issue arises from improper validation of TimeColorBehaviorContainer Floating Point records in PowerPoint documents, allowing remote attackers to execute arbitrary code or cause a denial of service due to memory corruption via a crafted document containing an invalid record. A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles specially crafted PowerPoint files. An attacker could exploit the vulnerability by creating a specially crafted PowerPoint file that could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site.
Recommendations
For Microsoft PowerPoint 2007 SP2, update to a fixed version to resolve the issue.
For Microsoft PowerPoint 2010, update to a fixed version to resolve the issue.
For Office for Mac versions 2004, 2008, and 2011, update to a fixed version to resolve the issue.
For Open XML File Format Converter for Mac, update to a fixed version to resolve the issue.
For Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2, update to a fixed version to resolve the issue.
For PowerPoint Viewer, update to a fixed version to resolve the issue.
For PowerPoint Viewer 2007 SP2, update to a fixed version to resolve the issue.
For PowerPoint Web App, update to a fixed version to resolve the issue.
As a temporary workaround, consider avoiding the use of TimeColorBehaviorContainer records in PowerPoint documents until a patch is available. Restrict access to specially crafted or compromised Web sites and avoid opening suspicious e-mail attachments to minimize the risk of exploitation.
Fix
RCE
DoS
Weakness Enumeration
Related Identifiers
Affected Products
Office Powerpoint
Office Compatibility Pack For Word
Office For Mac
Open Xml File Format Converter For Mac
Powerpoint Viewer
Powerpoint Web App