CVE-2009-0556

Warnung

Medienbericht

EPSS 76.76%
Veröffentlicht 03.04.2009 18:30:00
Zuletzt bearbeitet 08.01.2026 02:00:02
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value that triggers memory corruption, as exploited in the wild in April 2009 by Exploit:Win32/Apptom.gen, aka "Memory Corruption Vulnerability."

Betroffene Produkte Warnungen 1 Metriken 3 CWE 1 Referenzen 23

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Office Powerpoint Version2004

Microsoft ≫ Powerpoint Version2000 Updatesp3

Microsoft ≫ Powerpoint Version2002 Updatesp3

Microsoft ≫ Powerpoint Version2003 Updatesp3

07.01.2026: CISA Known Exploited Vulnerabilities (KEV) Catalog

Microsoft Office PowerPoint Code Injection Vulnerability

Schwachstelle

Microsoft Office PowerPoint contains a code injection vulnerability that allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an invalid index value that triggers memory corruption.

Beschreibung

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	76.76%	0.989

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

https://www.heise.de/news/Jetzt-patchen-Angreifer-attackieren-HPE-OneView-und-PowerPoint-11132320.html

Medienbericht

heise Security

08.01.2026 10:08

http://blogs.technet.com/mmpc/archive/2009/04/02/new-0-day-exploits-using-powerpoint-files.aspx

Vendor Advisory

http://blogs.technet.com/msrc/archive/2009/04/02/microsoft-security-advisory-969136.aspx

Vendor Advisory

http://blogs.technet.com/srd/archive/2009/04/02/investigating-the-new-powerpoint-issue.aspx

Vendor Advisory

http://osvdb.org/53182

http://secunia.com/advisories/34572