Reported January 22, 2001, by @Stake

VERSIONS AFFECTED
  • Microsoft PowerPoint 2000

DESCRIPTION

PowerPoint 2000 contains an unchecked buffer that could let a malicious user launch arbitrary code or simply crash PowerPoint. Because Microsoft Internet Explorer trusts Office 2000 applications, malicious Web sites can easily exploit this vulnerability.

DEMONSTRATION

@Stake provides a proof-of-concept demonstration at this URL:

http://www.atstake.com/research/advisories/2001/bob.ppt

VENDOR RESPONSE

Microsoft released a security bulletin available at this URL:

http://www.microsoft.com/technet/security/bulletin/ms01-002.asp

CREDIT

Discovered by @Stake.