Lucene search
AnonymousZDI-22-1286HistorySep 19, 2022 - 12:00 a.m.
Microsoft PowerPoint PPTX File Parsing Use-After-Free Remote Code Execution Vulnerability
2022-09-1900:00:00
Anonymous
www.zerodayinitiative.com
16
vulnerability
remote code execution
microsoft powerpoint
pptx files
user interaction
malicious file
parsing
object validation
current process
0.004 Low
EPSS
Percentile
73.2%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PPTX files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
nessus
nessus
Security Updates for Microsoft PowerPoint Products (September 2022)
2022-09-15 00:00:00
Security Updates for Microsoft Office Products (Sept 2022) (macOS)
2022-09-15 00:00:00
Security Updates for Microsoft Office Products (September 2022)
2022-09-13 00:00:00
prion
prion
Remote code execution
2022-09-13 19:15:00
cve
cve
CVE-2022-37962
2022-09-13 19:15:12
mskb
mskb
openvas
openvas
Microsoft Office 2016 Remote Code Execution Vulnerabilities (KB5002178)
2022-09-14 00:00:00
Microsoft Office Remote Code Execution Vulnerabilities (KB5002166)
2022-09-14 00:00:00
cvelist
cvelist
CVE-2022-37962 Microsoft PowerPoint Remote Code Execution Vulnerability
2022-09-13 18:42:10
nvd
nvd
CVE-2022-37962
2022-09-13 19:15:12
mscve
mscve
Microsoft PowerPoint Remote Code Execution Vulnerability
2022-09-13 07:00:00
kaspersky
kaspersky
KLA19250 Multiple vulnerabilities in Microsoft Office
2022-09-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - September 2022
2022-09-13 20:11:08