CVE-2011-0655

Published: Apr 13, 2011Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate TimeColorBehaviorContainer Floating Point records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document containing an invalid record, aka "Floating Point Techno-color Time Bandit RCE Vulnerability."

Affected (10)

Products: Microsoft: Office, Office Compatibility Pack, Office Powerpoint Viewer, Open Xml File Format Converter, Powerpoint, Powerpoint Viewer, Powerpoint Web App

Microsoft

7 products

Office

Office Compatibility Pack

Office Powerpoint Viewer

Open Xml File Format Converter

Powerpoint

Powerpoint Viewer

Powerpoint Web App

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Microsoft Office	Version 2004
Microsoft Office	Version 2008
Microsoft Office	Version 2011
Microsoft Office Compatibility Pack	Version 2007 sp2
Microsoft Office Powerpoint Viewer	All versions
Microsoft Open Xml File Format Converter	All versions
Microsoft Powerpoint	Version 2010
Microsoft Powerpoint	Version 2010
Microsoft Powerpoint Viewer	Version 2007 sp2
Microsoft Powerpoint Web App	All versions