Buffer Overflow in Microsoft Office Web Components ActiveX Control
CVE-2009-1534

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office Web Components; Office; Isa Server
Vendor: CVE Published:; 12 August 2009

Summary

A buffer overflow vulnerability exists in the Office Web Components ActiveX Control utilized in several Microsoft products. This flaw allows remote attackers to craft specific property values that may lead to the execution of arbitrary code. If exploited, it can compromise application integrity and facilitate unauthorized activities on the affected systems.

References

http://osvdb.org/56916

vdb-entryx_refsource_OSVDB

http://www.us-cert.gov/cas/techalerts/TA09-223A.html

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

75% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 12, 2009
Vulnerability Reserved
May 5, 2009