Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2009-0224

Published: 12/05/2009 Updated: 12/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 2003 and 2007 SP1 and SP2; PowerPoint in Microsoft Office 2004 for Mac and 2008 for Mac; Open XML File Format Converter for Mac; Microsoft Works 8.5 and 9.0; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 do not properly validate PowerPoint files, which allows remote malicious users to execute arbitrary code via multiple crafted BuildList records that include ChartBuild containers, which triggers memory corruption, aka "Memory Corruption Vulnerability."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft office powerpoint 2000

microsoft office powerpoint 2002

microsoft open xml file format converter

microsoft works 8.5

microsoft office powerpoint viewer 2007

microsoft office compatibility pack for word excel ppt 2007

microsoft powerpoint 2008

microsoft office powerpoint viewer 2003

microsoft compatibility pack word excel powerpoint 2007

microsoft office powerpoint 2003

microsoft office powerpoint 2007

microsoft powerpoint 2004

microsoft works 9.0

References

CWE-94http://www.us-cert.gov/cas/techalerts/TA09-132A.htmlhttp://www.securitytracker.com/id?1022205http://www.vupen.com/english/advisories/2009/1290http://www.securityfocus.com/bid/34879http://secunia.com/advisories/32428http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=793https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6023https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook