Full Disclosure mailing list archives

[Advisory] $ =Thu Mar 16 13:30:03 EST 2006= $ Directory Transversal in Microsoft PowerPoint

From: listuser () seifried org
Date: Thu, 16 Mar 2006 18:30:08 +0000 (GMT)




[Advisory] $ =Thu Mar 16 13:30:03 EST 2006= $ Directory Transversal in Microsoft PowerPoint




======================
[+] BACKGROUND
There is no background.
======================
[+] DESCRIPTION
Remote exploitation of a directory traversal vulnerability in Microsoft PowerPoint could allow attackers to overwrite 
or view arbitrary files with user-supplied contents.

======================
[+] HISTORY
2/25/2006 [+] Vendor Notification.
3/16/2006 [+] Public Disclosure.
======================
[+] WORKAROUND
There had been no workarounds.
======================
[+] VENDOR RESPONSE
Microsoft PowerPoint had offered no identified information about this issue.
======================
[+] CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-66324 to this issue


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

[Advisory] $ =Thu Mar 16 13:30:03 EST 2006= $ Directory Transversal in Microsoft PowerPoint listuser (Mar 16)