OSVDB ID: 34332

Title: PowerPoint Viewer OCX ActiveX (PowerPointViewer.ocx) Multiple Method Overflows

Info

Disclosure

May 01, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

PowerPoint Viewer ActiveX control contains a flaw that may allow a remote denial of service. The issue is triggered by multiple buffer overflows in PowerPointViewer.ocx, and will result in loss of availability for the web browser.

Classification

Location: Remote / Network Access, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: Uncoordinated Disclosure

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Microsoft Corporation

PowerPoint Viewer ActiveX

3.1

References

CVE ID: 2007-2494 (see also: NVD)
Bugtraq ID: 23733
Secunia Advisory ID: 25092
SCIP VulDB ID: 3049
ISS X-Force ID: 34013
Milw0rm: 3826
Exploit Database: 3826
VUPEN Advisory: ADV-2007-1612
Other Advisory URL: http://moaxb.blogspot.com/2007/05/moaxb-01-powerpointviewerocx-31.html
Keyword: MoAxB #01

Credit

shinnai - shinnaiautistici.org -

Direct URL: http://osvdb.org/36218