CVE-2009-1129
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple stack-based buffer overflows in the PowerPoint 95 importer (PP7X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via an inconsistent record length in sound data in a file that uses a PowerPoint 95 (PPT95) native file format, aka "PP7 Memory Corruption Vulnerability," a different vulnerability than CVE-2009-1128.
Múltiples desbordamientos de búfer en la región stack de la memoria en el importador de PowerPoint 95 (biblioteca PP7X32. DLL) en Office PowerPoint 2000 SP3, 2002 SP3 y 2003 SP3 de Microsoft, permite a los atacantes remotos ejecutar código arbitrario por medio de una longitud de registro inconsistente en datos de sonido en un archivo que utiliza un formato de archivo nativo de PowerPoint 95 (PPT95), también se conoce como "PP7 Memory Corruption Vulnerability", una vulnerabilidad diferente de CVE-2009-1128.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-03-25 CVE Reserved
- 2009-05-12 CVE Published
- 2024-08-07 CVE Updated
- 2024-11-20 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=791 | Third Party Advisory | |
| http://osvdb.org/54387 | Vdb Entry | |
| http://www.securityfocus.com/bid/34839 | Vdb Entry | |
| http://www.securitytracker.com/id?1022205 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA09-132A.html | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6176 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/32428 | 2018-10-12 | |
| http://www.vupen.com/english/advisories/2009/1290 | 2018-10-12 | |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017 | 2018-10-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Office Powerpoint Search vendor "Microsoft" for product "Office Powerpoint" | 2000 Search vendor "Microsoft" for product "Office Powerpoint" and version "2000" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Powerpoint Search vendor "Microsoft" for product "Office Powerpoint" | 2002 Search vendor "Microsoft" for product "Office Powerpoint" and version "2002" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Powerpoint Search vendor "Microsoft" for product "Office Powerpoint" | 2003 Search vendor "Microsoft" for product "Office Powerpoint" and version "2003" | sp3 |
Affected
| ||||||