← Advisories

Microsoft Office PowerPoint 2007 v12.0.4518 (pp4x322.dll) DLL Hijacking Exploit

High

Advisory ID

ZSL-2010-4957

Release Date

26 August 2010

Vendor

Microsoft Corp. - http://www.microsoft.com

Affected Version

12.0.4518.1014 MSO (12.0.4518.1014)

CVE

N/A

Tested On

Microsoft Windows XP Professional SP3 (English)

Summary

Microsoft PowerPoint is a presentation program by Microsoft. It is part of the Microsoft Office suite, and runs on Microsoft Windows and Apple's Mac OS X operating system.

Description

MS PowerPoint 2007 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extension is .pwz thru pp4x322.dll and pp7x32.dll libraries.

Proof of Concept

mspowerp_dll.cTXT

Disclosure Timeline

N/A

Credits

Vulnerability discovered by Gjoko Krstic

References

[1]http://www.packetstormsecurity.org/filedesc/mspowerp_dll.txt.html

[2]http://securityreason.com/exploitalert/8782

[3]http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/

[4]http://www.exploit-db.com/dll-hijacking-vulnerable-applications/

Changelog

26.08.2010Initial release

27.08.2010Added reference [1], [2], [3] and [4]