CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
98.8%
Added: 05/21/2009
CVE: CVE-2009-1131
BID: 34841
OSVDB: 54393
Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite.
A buffer overflow vulnerability in Microsoft PowerPoint allows command execution when a user opens a presentation containing a specially crafted CurrentUserAtom record.
Apply the update referenced in Microsoft Security Bulletin 09-017.
<http://www.microsoft.com/technet/security/bulletin/MS09-017.mspx>
Exploit works on Microsoft PowerPoint 2000 SP3.
Windows XP