CVE-2009-0221
7.6 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.911 High
EPSS
Percentile
98.8%
Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a PowerPoint file containing a crafted record type for โcollaboration information for different slidesโ that contains a field that specifies a large number of records, which triggers an under-allocated buffer and a heap-based buffer overflow, aka โInteger Overflow Vulnerability.โ
References
labs.idefense.com/intelligence/vulnerabilities/display.php?id=796
osvdb.org/54394
secunia.com/advisories/32428
www.securityfocus.com/bid/34835
www.securitytracker.com/id?1022205
www.us-cert.gov/cas/techalerts/TA09-132A.html
www.vupen.com/english/advisories/2009/1290
docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6127
Social References
More
Related
7.6 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.911 High
EPSS
Percentile
98.8%