Vulnerability Detail
Enriched intelligence for a single CVE
High
CVE-2009-0556
PUBLISHEDMicrosoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute...
6269 days faster than CISA KEV
- Vendor
- Microsoft
- Product
- Office PowerPoint
- Published
- Apr 03, 2009
- EPSS
- 59.0% · 98% pctl
Automate This Intelligence with the Pro API
Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.
Description
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value that triggers memory corruption, as exploited in the wild in April 2009 by Exploit:Win32/Apptom.gen, aka "Memory Corruption Vulnerability."
Weaknesses (CWE)
-
Improper Control of Generation of Code ('Code Injection')
CVSS Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitation Status
Exploited in the wild
Recorded 2009-04-03 18:00:00 UTC · CVE
References
- http://www.zerodayinitiative.com/advisories/ZDI-09-019
- http://blogs.technet.com/mmpc/archive/2009/04/02/new-0-day-exploits-using-powerpoint-files.aspx
- http://www.vupen.com/english/advisories/2009/1290
- http://osvdb.org/53182
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49632
- http://www.securityfocus.com/bid/34351
- http://www.vupen.com/english/advisories/2009/0915
- http://blogs.technet.com/msrc/archive/2009/04/02/microsoft-security-advisory-969136.aspx
- http://blogs.technet.com/srd/archive/2009/04/02/investigating-the-new-powerpoint-issue.aspx
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6279
- http://secunia.com/advisories/34572
- http://www.securitytracker.com/id?1021967
- http://www.us-cert.gov/cas/techalerts/TA09-132A.html
- http://www.microsoft.com/technet/security/advisory/969136.mspx
- http://www.kb.cert.org/vuls/id/627331
- http://www.securityfocus.com/archive/1/503453/100/0/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6204
Known Exploited Vulnerability Sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CVE First | 2009-04-03 18:00 UTC |
| CISA | 2026-06-02 14:04 UTC |
Timeline
-
KEV confirmed by CISA
-
Added to KEVIntel
-
CVE Published to Public
-
CVE ID Reserved