CVE-2011-3413

2011-12-1400:55:01

CWE-94

microsoft

web.nvd.nist.gov

cve-2011-3413

microsoft powerpoint

office 2008 for mac

office compatibility pack

powerpoint viewer

rce vulnerability

memory corruption

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.934

Percentile

99.1%

JSON

Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an invalid OfficeArt record in a PowerPoint document, aka “OfficeArt Shape RCE Vulnerability.”

Affected configurations

Nvd

Node

microsoftofficeMatch2008mac

microsoftoffice_compatibility_packMatch2007sp2

microsoftpowerpointMatch2007sp2

microsoftpowerpoint_viewerMatch2007sp2

VendorProductVersionCPE
microsoftoffice2008cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
microsoftoffice_compatibility_pack2007cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:*
microsoftpowerpoint2007cpe:2.3:a:microsoft:powerpoint:2007:sp2:*:*:*:*:*:*
microsoftpowerpoint_viewer2007cpe:2.3:a:microsoft:powerpoint_viewer:2007:sp2:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	office	2008	cpe:2.3:a:microsoft:office:2008::mac:::::
microsoft	office_compatibility_pack	2007	cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp2::::::
microsoft	powerpoint	2007	cpe:2.3:a:microsoft:powerpoint:2007:sp2::::::
microsoft	powerpoint_viewer	2007	cpe:2.3:a:microsoft:powerpoint_viewer:2007:sp2::::::