Multiple vulnerabilities in Microsoft Powerpoint
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 14 |
| CVE-ID | CVE-2009-1137 CVE-2009-1131 CVE-2009-1130 CVE-2009-1129 CVE-2009-1128 CVE-2009-0556 CVE-2009-0227 CVE-2009-0226 CVE-2009-0225 CVE-2009-0224 CVE-2009-0223 CVE-2009-0222 CVE-2009-0221 CVE-2009-0220 |
| CWE-ID | CWE-119 CWE-121 CWE-122 CWE-129 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #6 is being exploited in the wild. |
| Vulnerable software Subscribe |
Microsoft PowerPoint Client/Desktop applications / Office applications Microsoft Office Client/Desktop applications / Office applications Microsoft Office for Mac Client/Desktop applications / Office applications PowerPoint Viewer Client/Desktop applications / Office applications Microsoft Works Client/Desktop applications / Office applications |
| Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 14 vulnerabilities.
1) Memory corruption
EUVDB-ID: #VU1417
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-1137
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2000 - 2003
Microsoft Office: 2000 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Stack-based buffer overflow
EUVDB-ID: #VU1416
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-1131
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2000
Microsoft Office: 2000
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Heap-based buffer overflow
EUVDB-ID: #VU1415
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-1130
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially PowerPoint file containing a malformed structure value, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office 2004 for Mac:
https://www.microsoft.com/downloads/details.aspx?FamilyID=5557bfb7-ebb4-4c42-8042-41e830c4e550
http://go.microsoft.com/fwlink/?LinkID=143568
Microsoft PowerPoint: 2002 - 2003
Microsoft Office for Mac: 2004
Microsoft Office: 2003 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Stack-based buffer overflow
EUVDB-ID: #VU1414
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-1129
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data with inconsistent record length, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2000 - 2003
Microsoft Office: 2000 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Memory corruption
EUVDB-ID: #VU1413
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-1128
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2000 - 2003
Microsoft Office: 2000 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Memory corruption
EUVDB-ID: #VU1412
Risk: Critical
CVSSv3.1: 8.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C]
CVE-ID: CVE-2009-0556
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Note: this vulnerability was being actively exploited.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office 2004 for Mac:
https://www.microsoft.com/downloads/details.aspx?FamilyID=5557bfb7-ebb4-4c42-8042-41e830c4e550
http://go.microsoft.com/fwlink/?LinkID=143568
Microsoft PowerPoint: 2000 - 2003
Microsoft Office for Mac: 2004
Microsoft Office: 2000 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
7) Stack-based buffer overflow
EUVDB-ID: #VU1411
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-0227
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2000 - 2003
Microsoft Office: 2000 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Stack-based buffer overflow
EUVDB-ID: #VU1410
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-0226
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2000 - 2003
Microsoft Office: 2000 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Memory corruption
EUVDB-ID: #VU1409
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-0225
CWE-ID:
CWE-129 - Improper Validation of Array Index
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to ''array indexing'' error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2002
Microsoft Office: XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Memory corruption
EUVDB-ID: #VU1408
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-0224
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing invalid record type, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2007 Service Pack 1:
https://www.microsoft.com/downloads/details.aspx?familyid=11f8380f-ffb6-4c22-a89c-3dc55d0f9834
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2007 Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=11f8380f-ffb6-4c22-a89c-3dc55d0f9834
Microsoft Office 2004 for Mac:
https://www.microsoft.com/downloads/details.aspx?FamilyID=5557bfb7-ebb4-4c42-8042-41e830c4e550
http://go.microsoft.com/fwlink/?LinkID=143568
Microsoft Office 2008 for Mac:
https://www.microsoft.com/downloads/details.aspx?FamilyID=58326da2-eb75-4b42-b1bc-e70319defb58
http://go.microsoft.com/fwlink/?LinkID=143568
Open XML File Format Converter for Mac:
https://www.microsoft.com/downloads/details.aspx?FamilyID=9d6d9eaa-8442-4184-8886-faab2803bde6
http://go.microsoft.com/fwlink/?LinkId=131481
PowerPoint Viewer 2003:
https://www.microsoft.com/downloads/details.aspx?familyid=6a57e6ed-bd24-406f-87bb-117391e083e0
http://go.microsoft.com/fwlink/?LinkId=125468
PowerPoint Viewer 2007 Service Pack 1 and PowerPoint Viewer 2007 Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=141b8338-5c52-4326-a9e4-d2f2d8940d9c
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1 and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=e1d3a4c3-538a-4f98-8d60-250803a80e2a
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Works 8.5:
https://www.microsoft.com/downloads/details.aspx?familyid=628280fe-e035-4274-85f2-393d9bad543c
http://go.microsoft.com/fwlink/?LinkId=126306
Microsoft Works 9:
https://www.microsoft.com/downloads/details.aspx?familyid=f6fa110e-45c6-450f-ae47-c89a06e3f762
Microsoft PowerPoint: 2000 - 2007
Microsoft Office for Mac: 2004 - 2008
PowerPoint Viewer: 2003 - 2007
Microsoft Office: 2000 - XP
Microsoft Works: 8.5 - 9.0
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Memory corruption
EUVDB-ID: #VU1407
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-0223
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2000 - 2003
Microsoft Office: 2000 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Memory corruption
EUVDB-ID: #VU1406
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-0222
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2000 - 2003
Microsoft Office: 2000 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Integer Overflow or Wraparound
EUVDB-ID: #VU1405
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-0221
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially PowerPoint file containing an invalid record type, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2002 - 2003
Microsoft Office: 2003 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Stack-based buffer overflow
EUVDB-ID: #VU1404
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-0220
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Install update from vendor's website:
Microsoft Office PowerPoint 2000 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=f443312a-ac74-4ebc-a4ac-7a756aa67894
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2002 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=a24ec7ab-c1c7-4ddb-8b6e-107f1af67f49
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft Office PowerPoint 2003 Service Pack 3:
https://www.microsoft.com/downloads/details.aspx?familyid=ccfa978b-3340-40db-a45d-c880ba36b106
http://go.microsoft.com/fwlink/?LinkId=120394
Microsoft PowerPoint: 2000 - 2003
Microsoft Office: 2000 - XP
External linkshttp://technet.microsoft.com/en-us/library/security/ms09-017.aspx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
