发布时间 :2006-07-18 11:47:00
修订时间 :2017-07-19 21:32:28

[原文]Unspecified vulnerability in mso.dll in Microsoft PowerPoint 2003 allows user-assisted attackers to execute arbitrary code via a crafted PowerPoint file. NOTE: due to the lack of available details as of 20060717, it is unclear how this is related to CVE-2006-3656, CVE-2006-3660, and CVE-2006-3590, although it is possible that they are all different.

[CNNVD]Microsoft PowerPoint文件处理远程代码执行漏洞(CNNVD-200607-227)

        Microsoft PowerPoint是非常流行的文稿演示工具。
        Microsoft PowerPoint处理特定格式和访问属性的PPT文档时存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。

- CVSS (基础分值)

CVSS分值: 5.1 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:microsoft:powerpoint:2003Microsoft PowerPoint 2003
cpe:/a:microsoft:powerpoint:2003:sp2Microsoft PowerPoint 2003 sp2
cpe:/a:microsoft:powerpoint:2003:sp1Microsoft PowerPoint 2003 sp1

- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BUGTRAQ  20060715 MS Power Point Multiple Vulnerabilities - (mso.dll) POC
(UNKNOWN)  BUGTRAQ  20060718 About the latest three Powerpoint vulnerabilities: exploitable?
(UNKNOWN)  BUGTRAQ  20060717 New CVE identifiers for separate PowerPoint 0-day issues assigned
(UNKNOWN)  BID  18993
(UNKNOWN)  XF  powerpoint-mso-code-execution2(27781)

- 漏洞信息

Microsoft PowerPoint文件处理远程代码执行漏洞
中危 资料不足
2006-07-18 00:00:00 2006-08-28 00:00:00
        Microsoft PowerPoint是非常流行的文稿演示工具。
        Microsoft PowerPoint处理特定格式和访问属性的PPT文档时存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。

- 公告与补丁


- 漏洞信息

Microsoft PowerPoint mso.dll PPT Processing Unspecified Code Execution
Remote / Network Access Input Manipulation
Loss of Integrity Solution Unknown
Exploit Public

- 漏洞描述

Microsoft PowerPoint contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a user opens a malicious PowerPoint ppt file that causes an unspecified security fault in the mso.dll. It is possible that the flaw may allow to execute arbitrary code with the privileges of the user resulting in a loss of integrity.

- 时间线

2006-07-15 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- 相关参考

- 漏洞作者

- 漏洞信息

Microsoft Powerpoint Multiple Unspecified Vulnerabilities
Unknown 18993
Yes No
2006-07-14 12:00:00 2006-07-18 11:08:00
naveed <> discovered these issues.

- 受影响的程序版本

Microsoft PowerPoint 2003 SP2
+ Microsoft Office 2003 SP2
Microsoft PowerPoint 2003 SP1
+ Microsoft Office 2003 SP1
Microsoft PowerPoint 2003 0
+ Microsoft Office 2003 0

- 漏洞讨论

Microsoft PowerPoint is prone to multiple remote vulnerabilities.

Three proof-of-concept exploit files designed to trigger vulnerabilities in PowerPoint have been released.

It is currently unknown if these three exploit files pertain to newly discovered, unpublished vulnerabilities or if they exploit previously disclosed issues. These issues may allow remote attackers to cause crashes or to execute arbitrary machine code in the context of the affected application, but this has not been confirmed.

This BID will be updated and potentially split into individual records as further analysis is completed.

Microsoft PowerPoint 2003 is vulnerable to these issues; other versions may also be affected.

- 漏洞利用

The following proof-of-concept exploit files are available to demonstrate these issues:

- 解决方案

Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at:

- 相关参考