Showing 1 - 1 of 1

CVE-2009-2528

Status Candidate

Overview

GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."

Related Files

iDEFENSE Security Advisory 2009-10-13.4: Posted Oct 15, 2009; Authored by iDefense Labs, Marsu | Site idefense.com; iDefense Security Advisory 10.13.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Office could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing the msofbtOPT Office Drawing record type. This record is used to provide default values for shape properties. By inserting a specially crafted property ID, it is possible to corrupt heap memory and overwrite an object pointer. iDefense has confirmed the existence of this vulnerability in Office XP SP3.; tags | advisory, remote, arbitrary; advisories | CVE-2009-2528; SHA-256 | 46af8ea0d27e803521a04613c0afa93c64815bbde88e5c32277735b5dbec88c0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 119 files
Ubuntu 103 files
Debian 15 files
Rafael Pedrero 11 files
Apple 9 files
Google Security Research 9 files
Abdulhakim Oner 8 files
nu11secur1ty 8 files
Hubert Wojciechowski 6 files
Ivan Fratric 5 files

File Archives

Systems

AIX (426)
Apple (1,960)
BSD (372)
CentOS (56)
Cisco (1,919)
Debian (6,715)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,288)
HPUX (878)
iOS (340)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,153)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,930)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,462)
UNIX (9,208)
UnixWare (185)
Windows (6,533)
Other

CVE-2009-2528

Overview

Related Files

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems