QwikSec

Security Database

CVE

CWE

Training

CVE-2009-0556

Published: Apr 3, 2009

Modified: Jan 8, 2026

PUBLISHED

Description

Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value that triggers memory corruption, as exploited in the wild in April 2009 by Exploit:Win32/Apptom.gen, aka "Memory Corruption Vulnerability."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.zerodayinitiative.com/advisories/ZDI-09-019

x_refsource_MISC

http://blogs.technet.com/mmpc/archive/2009/04/02/new-0-day-exploits-using-powerpoint-files.aspx

x_refsource_CONFIRM

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_OSVDB

vendor-advisory

x_refsource_MS

powerpoint-unspecified-code-execution(49632)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

http://blogs.technet.com/msrc/archive/2009/04/02/microsoft-security-advisory-969136.aspx

x_refsource_CONFIRM

http://blogs.technet.com/srd/archive/2009/04/02/investigating-the-new-powerpoint-issue.aspx

x_refsource_CONFIRM

oval:org.mitre.oval:def:6279

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_CERT

http://www.microsoft.com/technet/security/advisory/969136.mspx

x_refsource_CONFIRM

third-party-advisory

x_refsource_CERT-VN

20090512 ZDI-09-019: Microsoft Office PowerPoint OutlineTextRefAtom Parsing Memory Corruption Vulnerability

mailing-list

x_refsource_BUGTRAQ

oval:org.mitre.oval:def:6204

vdb-entry

signature

x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.