Gravité: : Élevé
  Identifiant(s) CVE: : CVE-2011-1270
  Date du conseil: 11 mai 2011

  Description

This security update resolves two reported vulnerabilities in Microsoft PowerPoint. The vulnerabilities allow remote code execution if a user opens a maliciously-crafted PowerPoint file. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged-on user. The update addresses the vulnerabilities by correcting the way that PowerPoint handles memory when parsing specially crafted PowerPoint files.

  Information Exposure Rating:


For information on patches specific to the affected software, please proceed to the Microsoft Web page.

  Affected software and version:

  • Microsoft Office XP Service Pack 3
  • Microsoft Office 2003 Service Pack 3
  • Microsoft Office 2007 Service Pack 2
  • Microsoft Office 2004 for Mac
  • Microsoft Office 2008 for Mac
  • Open XML File Format Converter for Mac
  • Microsoft Office Compatibility Pack for Word
  • Excel
  • and PowerPoint 2007 File Formats Service Pack 2