ID CVE-2011-3396
Summary Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability." Per: http://technet.microsoft.com/en-us/security/bulletin/ms11-094 'PowerPoint Insecure Library Loading Vulnerability - CVE-2011-3396 A remote code execution vulnerability exists in the way that Microsoft PowerPoint handles the loading of DLL files.' Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:powerpoint:2007:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:powerpoint:2007:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:powerpoint:2010:*:x32:*:*:*:*:*
    cpe:2.3:a:microsoft:powerpoint:2010:*:x32:*:*:*:*:*
  • cpe:2.3:a:microsoft:powerpoint:2010:*:x64:*:*:*:*:*
    cpe:2.3:a:microsoft:powerpoint:2010:*:x64:*:*:*:*:*
CVSS
Base: 9.3 (as of 12-10-2018 - 22:01)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
msbulletin via4
bulletin_id MS11-094
bulletin_url
date 2011-12-13T00:00:00
impact Remote Code Execution
knowledgebase_id 2639142
knowledgebase_url
severity Important
title Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution
oval via4
accepted 2014-07-07T04:00:35.073-04:00
class vulnerability
contributors
  • name Dragos Prisaca
    organization Symantec Corporation
  • name Shane Shaffer
    organization G2, Inc.
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft PowerPoint 2007 Service Pack 2 is installed
    oval oval:org.mitre.oval:def:24721
  • comment Microsoft PowerPoint 2010 is installed
    oval oval:org.mitre.oval:def:12376
description Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability."
family windows
id oval:org.mitre.oval:def:14665
status accepted
submitted 2011-12-13T13:00:00
title PowerPoint Insecure Library Loading Vulnerability
version 16
refmap via4
cert TA11-347A
Last major update 12-10-2018 - 22:01
Published 14-12-2011 - 00:55
Last modified 12-10-2018 - 22:01
Back to Top