CVE-2009-0221
Last modified
CVE-2009-0221 is a vulnerability of currently unknown severity. Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a PowerPoint file containing a crafted record type for "collaboration information for different slides" that contains a field that specifies a large number of records, which triggers an under-allocated buffer and a heap-based buffer overflow, aka "Integer Overflow Vulnerability.". EPSS estimates a 37.86% chance of exploitation in the next 30 days.
Description
Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a PowerPoint file containing a crafted record type for "collaboration information for different slides" that contains a field that specifies a large number of records, which triggers an under-allocated buffer and a heap-based buffer overflow, aka "Integer Overflow Vulnerability."
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Office Powerpoint | 2002 | Sp3 |
| Microsoft | Office Powerpoint | 2003 | Sp3 |
References
- http://www.us-cert.gov/cas/techalerts/TA09-132A.htmlUS Government Resource
- http://www.us-cert.gov/cas/techalerts/TA09-132A.htmlUS Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-0221?
How severe is CVE-2009-0221?
How do I fix CVE-2009-0221?
Are you affected by CVE-2009-0221?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST