Showing 1 - 1 of 1

CVE-2009-2528

Status Candidate

Overview

GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."

Related Files

iDEFENSE Security Advisory 2009-10-13.4: Posted Oct 15, 2009; Authored by iDefense Labs, Marsu | Site idefense.com; iDefense Security Advisory 10.13.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Office could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing the msofbtOPT Office Drawing record type. This record is used to provide default values for shape properties. By inserting a specially crafted property ID, it is possible to corrupt heap memory and overwrite an object pointer. iDefense has confirmed the existence of this vulnerability in Office XP SP3.; tags | advisory, remote, arbitrary; advisories | CVE-2009-2528; SHA-256 | 46af8ea0d27e803521a04613c0afa93c64815bbde88e5c32277735b5dbec88c0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 308 files
Ubuntu 67 files
Debian 24 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CVE-2009-2528

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems