iDefense Security Advisory 02.09.10 – Remote exploitation of a heap-based buffer overflow vulnerability in Microsoft Corp.’s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs during the parsing of two related PowerPoint record types. The first record type, the “LinkedSlideAtom” record, is used to specify collaboration information for different slides. One of the fields in this record is used to specify the number of certain records that are present in the file. The code responsible for filling the array used to store the records does not perform any bounds checking when storing elements into the array. This results in a heap-based buffer overflow vulnerability.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/86218/02.09.10-1.txt
Source: https://packetstormsecurity.com/files/86218/iDEFENSE-Security-Advisory-2010-02-09.1.html