Update Protection against Microsoft PowerPoint Memory Allocation Vulnerabilities (MS08-051)
| Check Point Reference: | CPAI-2008-117 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Microsoft Security Bulletin MS08-051 | |
| Industry Reference(s): | CVE-2008-0120 CVE-2008-0121 |
|
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Microsoft Office PowerPoint Viewer 2003 | ||
| Vulnerability Description Remote code execution vulnerabilities have been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of these vulnerabilities may allow execution of arbitrary code on a target system. |
||
|
Update/Patch Available Apply patches: Microsoft Security Bulletin MS08-051 |
|
|
Vulnerability Details The vulnerabilities are due to memory calculation errors in Microsoft PowerPoint when processing a malformed picture index in a specially crafted PowerPoint file. A remote attacker could trigger these flaws by convincing a victim to open a specially crafted PowerPoint file. Successful exploitation of this issue may allow execution of arbitrary code on a vulnerable system. |
Protection Overview
By enabling this protection, SmartDefense will detect and block the transferring of malformed PowerPoint files over HTTP.
In order for the protection to be activated, update your VPN-1 product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.