Heap-Based Buffer Overflow in Microsoft Office ActiveX Control
CVE-2009-2496

Currently unrated

Key Information:

Vendor

Microsoft
Status
Visual Studio .net
Office Web Components
Biztalk Server
Office
Vendor
CVE Published:
12 August 2009

What is CVE-2009-2496?

A vulnerability in the Office Web Components ActiveX Control allows remote attackers to execute arbitrary code by exploiting a heap-based buffer overflow. This issue is present in several versions of Microsoft Office and its related components, leading to potential system compromise through the manipulation of input parameters. The vulnerability underscores the importance of securing ActiveX controls, especially in corporate environments relying on Microsoft solutions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.us-cert.gov/cas/techalerts/TA09-223A.html
third-party-advisoryx_refsource_CERT
http://www.securitytracker.com/id?1022708
vdb-entryx_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

59% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.