QwikSec

Security Database

CVE

CWE

Training

CVE-2009-0222

Published: May 12, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to a "pointer overwrite" and memory corruption, aka "Legacy File Format Vulnerability," a different vulnerability than CVE-2009-0223, CVE-2009-0226, CVE-2009-0227, and CVE-2009-1137.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.vupen.com/exploits/Microsoft_PowerPoint_Pointer_Overwrite_Code_Execution_Exploit_MS09_017_1290123.php

x_refsource_MISC

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

vendor-advisory

x_refsource_MS

oval:org.mitre.oval:def:6143

vdb-entry

signature

x_refsource_OVAL

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_CERT

vdb-entry

x_refsource_OSVDB

http://www.vupen.com/exploits/Microsoft_PowerPoint_Memory_Corruption_Code_Execution_Exploit_MS09_017_1290124.php

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.