CVE-2009-0096

CWE-3993 documents3 sources

Severity

9.3CRITICAL

EPSS

63.3%

top 1.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Visio

Timeline

PublishedFeb 10

Latest updateMay 2

Description

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly perform memory copy operations for object data, which allows remote attackers to execute arbitrary code via a crafted Visio document, aka "Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/visio2002, 2003, 2007+2

🔴Vulnerability Details

GHSA

GHSA-r65m-3g44-24hw: Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly perform memory copy operations for object data, which allows remote attacker↗2022-05-02

▶

CVEList

CVE-2009-0096: Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly perform memory copy operations for object data, which allows remote attacker↗2009-02-10

▶