CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2528

GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.561

EPSS Ranking 97.9%

CVSS Severity

CVSS v2 Score 9.3

References

Products affected by CVE-2009-2528

Microsoft » .net Framework » Version: 1.1

cpe:2.3:a:microsoft:.net_framework:1.1
Microsoft » .net Framework » Version: 2.0

cpe:2.3:a:microsoft:.net_framework:2.0
Microsoft » Excel Viewer » Version: 2003

cpe:2.3:a:microsoft:excel_viewer:2003
Microsoft » Expression Web » Version: N/A

cpe:2.3:a:microsoft:expression_web:-
Microsoft » Expression Web » Version: 2

cpe:2.3:a:microsoft:expression_web:2
Microsoft » Forefront Client Security » Version: 1.0

cpe:2.3:a:microsoft:forefront_client_security:1.0
Microsoft » Internet Explorer » Version: 6

cpe:2.3:a:microsoft:internet_explorer:6
Microsoft » Office » Version: 2003

cpe:2.3:a:microsoft:office:2003
Microsoft » Office » Version: 2007

cpe:2.3:a:microsoft:office:2007
Microsoft » Office » Version: xp

cpe:2.3:a:microsoft:office:xp
Microsoft » Office Compatibility Pack » Version: 2007

cpe:2.3:a:microsoft:office_compatibility_pack:2007
Microsoft » Office Excel Viewer » Version: N/A

cpe:2.3:a:microsoft:office_excel_viewer:-
Microsoft » Office Groove » Version: 2007

cpe:2.3:a:microsoft:office_groove:2007
Microsoft » Office Powerpoint Viewer » Version: N/A

cpe:2.3:a:microsoft:office_powerpoint_viewer:-
Microsoft » Office Powerpoint Viewer » Version: 2007

cpe:2.3:a:microsoft:office_powerpoint_viewer:2007
Microsoft » Office Word Viewer » Version: N/A

cpe:2.3:a:microsoft:office_word_viewer:-
Microsoft » Office Word Viewer » Version: 2003

cpe:2.3:a:microsoft:office_word_viewer:2003
Microsoft » Platform Sdk » Version: Any

cpe:2.3:a:microsoft:platform_sdk:*
Microsoft » Project » Version: 2002

cpe:2.3:a:microsoft:project:2002
Microsoft » Report Viewer » Version: 2005

cpe:2.3:a:microsoft:report_viewer:2005
Microsoft » Report Viewer » Version: 2008

cpe:2.3:a:microsoft:report_viewer:2008
Microsoft » Sql Server » Version: 2005

cpe:2.3:a:microsoft:sql_server:2005
Microsoft » Sql Server Reporting Services » Version: 2000

cpe:2.3:a:microsoft:sql_server_reporting_services:2000
Microsoft » Visio » Version: 2002

cpe:2.3:a:microsoft:visio:2002
Microsoft » Visual Foxpro » Version: 8.0

cpe:2.3:a:microsoft:visual_foxpro:8.0
Microsoft » Visual Foxpro » Version: 9.0

cpe:2.3:a:microsoft:visual_foxpro:9.0
Microsoft » Visual Studio » Version: 2008

cpe:2.3:a:microsoft:visual_studio:2008
Microsoft » Visual Studio .net » Version: 2003

cpe:2.3:a:microsoft:visual_studio_.net:2003
Microsoft » Visual Studio .net » Version: 2005

cpe:2.3:a:microsoft:visual_studio_.net:2005
Microsoft » Word Viewer » Version: 2003

cpe:2.3:a:microsoft:word_viewer:2003
Microsoft » Works » Version: 8.5

cpe:2.3:a:microsoft:works:8.5
Microsoft » Windows 2000 » Version: N/A

cpe:2.3:o:microsoft:windows_2000:-
Microsoft » Windows 2003 Server » Version: N/A

cpe:2.3:o:microsoft:windows_2003_server:-
Microsoft » Windows Server 2008 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2008:-
Microsoft » Windows Server 2008 » Version: r2

cpe:2.3:o:microsoft:windows_server_2008:r2
Microsoft » Windows Vista » Version: N/A

cpe:2.3:o:microsoft:windows_vista:-
Microsoft » Windows Xp » Version: Any

cpe:2.3:o:microsoft:windows_xp:*
Microsoft » Windows Xp » Version: N/A

cpe:2.3:o:microsoft:windows_xp:-
Microsoft » Windows Xp » Version: unknown

cpe:2.3:o:microsoft:windows_xp:unknown

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2528

Products

Pricing

Contact Us