Security 10755 Published by

Issue:
======
A parsing routine that is executed when PowerPoint 2000 opens files contains an unchecked buffer. If an attacker inserted specially chosen data into a PowerPoint file and could entice another user into opening the file on his machine, the data would overrun the buffer, causing either of two effects. In the less serious case, overrunning the buffer would cause PowerPoint to fail, but wouldn't have any other effect. In the more serious case, overrunning the buffer could allow the attacker to cause code of her choice to run on the user's machine. The code could take any action that the user himself could take on the machine. Typically, this would enable the attacker's code to add, change or delete data, communicate with a remote server, or take other actions.

Mitigating Factors:
===================
The user would need to be enticed into opening a malformed PowerPoint file.

Patch Availability:
===================
A patch is available to fix this vulnerability. Please read Security Bulletin MS01-002 at: http://www.microsoft.com/technet/security/bulletin/ms01-002.asp for information on obtaining this patch.