CVE-2009-0556

KEV

🔴 Łataj teraz

Korupcja pamięci w Microsoft PowerPoint umożliwia zdalne wykonanie kodu.

CVSS

8.8

EPSS

76.4%

Exploit

weaponized

Vendor

microsoft

Opis źródłowy (NVD)

Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value that triggers memory corruption, as exploited in the wild in April 2009 by Exploit:Win32/Apptom.gen, aka "Memory Corruption Vulnerability."

brak Brak patcha

Źródła i daty

Źródło	Wartość
NVD – CVSS	8.8
CISA KEV (aktywnie wykorzystywane)	Tak
FIRST EPSS (prawdopodobieństwo exploita)	76.4%
Opublikowano (NVD)	2009-04-03 18:30:00 UTC
Ostatnia modyfikacja (NVD)	2026-04-22 16:47:07 UTC

Referencje

http://blogs.technet.com/mmpc/archive/2009/04/02/new-0-day-exploits-using-powerpoint-files.aspx (secure@microsoft.com) [Vendor Advisory]
http://blogs.technet.com/msrc/archive/2009/04/02/microsoft-security-advisory-969136.aspx (secure@microsoft.com) [Vendor Advisory]
http://blogs.technet.com/srd/archive/2009/04/02/investigating-the-new-powerpoint-issue.aspx (secure@microsoft.com) [Vendor Advisory]
http://osvdb.org/53182 (secure@microsoft.com) [Broken Link]
http://secunia.com/advisories/34572 (secure@microsoft.com) [Vendor Advisory]
http://www.kb.cert.org/vuls/id/627331 (secure@microsoft.com) [US Government Resource]
http://www.microsoft.com/technet/security/advisory/969136.mspx (secure@microsoft.com) [Patch, Vendor Advisory]
http://www.securityfocus.com/archive/1/503453/100/0/threaded (secure@microsoft.com) [Broken Link]
http://www.securityfocus.com/bid/34351 (secure@microsoft.com) [Broken Link]
http://www.securitytracker.com/id?1021967 (secure@microsoft.com) [Broken Link]
http://www.us-cert.gov/cas/techalerts/TA09-132A.html (secure@microsoft.com) [US Government Resource]
http://www.vupen.com/english/advisories/2009/0915 (secure@microsoft.com) [Vendor Advisory]
http://www.vupen.com/english/advisories/2009/1290 (secure@microsoft.com) [Broken Link]
http://www.zerodayinitiative.com/advisories/ZDI-09-019 (secure@microsoft.com) [Third Party Advisory]
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017 (secure@microsoft.com) [Vendor Advisory]
https://exchange.xforce.ibmcloud.com/vulnerabilities/49632 (secure@microsoft.com) [Third Party Advisory]
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6204 (secure@microsoft.com) [Broken Link]
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6279 (secure@microsoft.com) [Broken Link]
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-0556 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]