CVE-2009-2528
published 2009-10-14CVE-2009-2528: GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | excel_viewer | — | — |
| microsoft | expression_web | — | — |
| microsoft | forefront_client_security | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | net_framework | — | — |
| microsoft | net_framework | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office_compatibility_pack | — | — |
| microsoft | office_groove | — | — |
| microsoft | office_powerpoint_viewer | — | — |
| microsoft | project | — | — |
| microsoft | report_viewer | — | — |
| microsoft | report_viewer | — | — |
| microsoft | sql_server | — | — |
| microsoft | sql_server_reporting_services | — | — |
| microsoft | visio | — | — |
| microsoft | visual_foxpro | — | — |
| microsoft | visual_foxpro | — | — |
| microsoft | visual_studio | — | — |
| microsoft | visual_studio_net | — | — |
| microsoft | visual_studio_net | — | — |
| microsoft | word_viewer | — | — |
| microsoft | works | — | — |