[Microsoft Alert] Microsoft Security Bulletin MS06-010

Vulnerability in PowerPoint 2000 Could Allow Information Disclosure (889167)

Issued: February 14, 2006

Version: 1.0

 

Summary

Who should read this document: Customers who use Microsoft PowerPoint 2000

Impact of Vulnerability: Information Disclosure

Maximum Severity Rating: Important

Recommendation: Customers should apply the update at the earliest opportunity

Security Update Replacement: None

 

Vulnerability Details:

An Information Disclosure vulnerability exists in PowerPoint. An attacker who successfully exploited this vulnerability could remotely attempt to access objects in the Temporary Internet Files Folder (TIFF) explicitly by name. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce useful information that could be used to try to further compromise the affected system.

 

Affected Software:

Microsoft Office 2000 Service Pack 3

PowerPoint 2000

 

Microsoft Office 2003 Service Pack 1 or Service Pack 2

PowerPoint 2003

 

 

 

References: http://www.microsoft.com/security/bulletins/current.mspx (Microsoft Security Updates)

---