|
Microsoft PowerPoint Modify Protection Bypass
|
|
Secunia Advisory:
|
SA9834
|
|
|
Release Date:
|
2003-09-24
|
|
Popularity:
|
9,090 views
|
|
|
Critical:
|
Not critical
|
|
Impact:
|
Manipulation of data
|
|
Where:
|
Local system
|
|
Solution Status:
|
Unpatched
|
|
| Software: | Microsoft Office XP
Microsoft PowerPoint 2002
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
Description:
A vulnerability has been identified in PowerPoint 2002 allowing people to modify a protected document.
Microsoft offers a protection feature in PowerPoint, which allows people to distribute PowerPoint documents that have been protected against editing.
However, the contents of a PowerPoint presentation can still be edited as a new presentation by opening the protected document and then opening the "Tools->Macro->Microsoft Script Editor". While the Script Editor is open, all relevant files are accessible in the current temporary directory.
This is considered "Not critical" as the data could be copied and modified in many different ways. However, it is considered a vulnerability because the software fails to provide the promised protection.
Solution:
You can't protect a document from being edited if people can read the content. You can, however, digitally sign the document using PGP / GPG or verify the MD5sum of the document to see if it has been tampered.
Provided and/or discovered by:
Raghavendra
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
