Lucene search

[email protected]NVD:CVE-2009-0225

HistoryMay 12, 2009 - 10:30 p.m.

CVE-2009-0225

2009-05-1222:30:00

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.914

Percentile

99.0%

JSON

Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to improper “array indexing” and memory corruption, aka “PP7 Memory Corruption Vulnerability.”

Affected configurations

Nvd

Node

microsoftoffice_powerpointMatch2002sp3

VendorProductVersionCPE
microsoftoffice_powerpoint2002cpe:2.3:a:microsoft:office_powerpoint:2002:sp3:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	office_powerpoint	2002	cpe:2.3:a:microsoft:office_powerpoint:2002:sp3::::::

References

osvdb.org/54388

secunia.com/advisories/32428

www.securityfocus.com/bid/34880

www.securitytracker.com/id?1022205

www.us-cert.gov/cas/techalerts/TA09-132A.html

www.vupen.com/english/advisories/2009/1290

www.vupen.com/exploits/Microsoft_PowerPoint_Array_Indexing_Code_Execution_Exploit_MS09_017_1290125.php

docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5526

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.914

Percentile

99.0%

JSON

Related for NVD:CVE-2009-0225

seebug2 cve1 checkpoint_advisories2 prion1 cvelist1 symantec1 nessus1 securityvulns2 openvas2