Phase:PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer.
ReferencesCONFIRM:http://www.microsoft.com/windows/ie/security/powerpoint.asp | XF:nt-ppt-patch(179) | URL:http://xforce.iss.net/static/179.php
Votes:Proposed (Wednesday, September 12, 2001)
Comments: ACCEPT(6) Wall, Foat, Cole, Armstrong, Frech, Stracener
F7: Frech> Looks like CONFIRM URL is too old for Microsoft to keep | (currently cached at | http://www.google.com/search?q=cache:86loHcRhaL4:www.microsoft.com/ie/ | security/powerpoint.htm+%22PowerPoint+Browsing+Security+Issue%22&hl=en | ). Same information is available at BugTraq at | http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=6724