VRT Advisories

VRT Rules 2006-07-18

Sourcefire VRT Advisory

Date: 2006-07-18


The Sourcefire VRT has researched a vulnerability affecting Microsoft Powerpoint and has updated the DocCheck tool to process ppt files to determine the possible presence of exploit conditions.


Microsoft Security Advisory (922970) Microsoft Powerpoint suffers from a programming error that may allow an attacker to execute code of their choosing on an affected system by including that code in a specially crafted Powerpoint file.

The Sourcefire VRT has updated the DocCheck tool to examine Powerpoint files and report possible malformed files that could exploit this vulnerability.

DocCheck Tool Download:

download zip archive here

About the VRT:

The Sourcefire VRT is a group of leading edge intrusion detection and prevention experts working to proactively discover, assess and respond to the latest trends in hacking activity, intrusion attempts and vulnerabilities. This team is also supported by the vast resources of the open source Snort community, making it the largest group dedicated to advances in the network security industry.