Microsoft Office PowerPoint 2007 v12.0.4518 (pp4x322.dll) DLL Hijacking Exploit
Title: Microsoft Office PowerPoint 2007 v12.0.4518 (pp4x322.dll) DLL Hijacking Exploit
Advisory ID: ZSL-2010-4957
Type: Local/Remote
Impact: System Access
Risk: (4/5)
Release Date: 26.08.2010
[2] http://securityreason.com/exploitalert/8782
[3] http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/
[4] http://www.exploit-db.com/dll-hijacking-vulnerable-applications/
[27.08.2010] - Added reference [1], [2], [3] and [4]
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2010-4957
Type: Local/Remote
Impact: System Access
Risk: (4/5)
Release Date: 26.08.2010
Summary
Microsoft PowerPoint is a presentation program by Microsoft. It is part of the Microsoft Office suite, and runs on Microsoft Windows and Apple's Mac OS X operating system.Description
MS PowerPoint 2007 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extension is .pwz thru pp4x322.dll and pp7x32.dll libraries.Vendor
Microsoft Corp. - http://www.microsoft.comAffected Version
12.0.4518.1014 MSO (12.0.4518.1014)Tested On
Microsoft Windows XP Professional SP3 (English)Vendor Status
N/APoC
mspowerp_dll.cCredits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] http://www.packetstormsecurity.org/filedesc/mspowerp_dll.txt.html[2] http://securityreason.com/exploitalert/8782
[3] http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/
[4] http://www.exploit-db.com/dll-hijacking-vulnerable-applications/
Changelog
[26.08.2010] - Initial release[27.08.2010] - Added reference [1], [2], [3] and [4]
Contact
Zero Science LabWeb: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
