Lucene search

[email protected]CVE-2009-0225

HistoryMay 12, 2009 - 10:30 p.m.

CVE-2009-0225

2009-05-1222:30:00

CWE-94

[email protected]

web.nvd.nist.gov

microsoft office

powerpoint

cve-2009-0225

remote code execution

memory corruption

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.927 High

EPSS

Percentile

99.0%

JSON

Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to improper “array indexing” and memory corruption, aka “PP7 Memory Corruption Vulnerability.”

Affected configurations

NVD

Node

microsoftoffice_powerpointMatch2002sp3

CPENameOperatorVersion
microsoft:office_powerpointmicrosoft office powerpointeq2002

CPE	Name	Operator	Version
microsoft:office_powerpoint	microsoft office powerpoint	eq	2002

References

osvdb.org/54388

secunia.com/advisories/32428

www.securityfocus.com/bid/34880

www.securitytracker.com/id?1022205

www.us-cert.gov/cas/techalerts/TA09-132A.html

www.vupen.com/english/advisories/2009/1290

www.vupen.com/exploits/Microsoft_PowerPoint_Array_Indexing_Code_Execution_Exploit_MS09_017_1290125.php

docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5526

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.927 High

EPSS

Percentile

99.0%

JSON

Related for CVE-2009-0225

seebug2 checkpoint_advisories2 prion1 symantec1 cvelist1 nvd1 securityvulns2 nessus1 openvas2