Short Name |
HTTP:STC:DL:PPT-FF-BOF |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
PowerPoint File Multiples Buffer Overflow |
Release Date |
2010/10/07 |
Update Number |
1787 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the Microsoft PowerPoint file format. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the client.
Microsoft PowerPoint is prone to multiple remote vulnerabilities. Three proof-of-concept exploit files designed to trigger vulnerabilities in PowerPoint have been released. It is currently unknown if these three exploit files pertain to newly discovered, unpublished vulnerabilities or if they exploit previously disclosed issues. These issues may allow remote attackers to cause crashes or to execute arbitrary machine code in the context of the affected application, but this has not been confirmed. This BID will be updated and potentially split into individual records as further analysis is completed. Microsoft PowerPoint 2003 is vulnerable to these issues; other versions may also be affected.