CVE Reference: CVE-2009-0221

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2009-0221

Description:
Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a PowerPoint file containing a crafted record type for "collaboration information for different slides" that contains a field that specifies a large number of records, which triggers an under-allocated buffer and a heap-based buffer overflow, aka "Integer Overflow Vulnerability."

CVE Status:
Candidate

References:

ST
  1022205

SAID
  Secunia Advisory: SA32428

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6127

OSVDB
  54394

MS
  http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx

IDEFENSE
  http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=796

CERT
  http://www.us-cert.gov/cas/techalerts/TA09-132A.html

BID
  34835


Return to the previous page.