SB2009051201 - Multiple vulnerabilities in Microsoft Powerpoint
Published: May 12, 2009 Updated: January 7, 2026
Security Bulletin ID
SB2009051201
Severity
Critical
Patch available
YES
Number of vulnerabilities
14
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 14 secuirty vulnerabilities.
1) Memory corruption (CVE-ID: CVE-2009-1137)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
2) Stack-based buffer overflow (CVE-ID: CVE-2009-1131)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
3) Heap-based buffer overflow (CVE-ID: CVE-2009-1130)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to heap-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially PowerPoint file containing a malformed structure value, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
4) Stack-based buffer overflow (CVE-ID: CVE-2009-1129)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data with inconsistent record length, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
5) Memory corruption (CVE-ID: CVE-2009-1128)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
6) Memory corruption (CVE-ID: CVE-2009-0556)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Note: this vulnerability was being actively exploited.
7) Stack-based buffer overflow (CVE-ID: CVE-2009-0227)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
8) Stack-based buffer overflow (CVE-ID: CVE-2009-0226)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
9) Memory corruption (CVE-ID: CVE-2009-0225)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to ''array indexing'' error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
10) Memory corruption (CVE-ID: CVE-2009-0224)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing invalid record type, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
11) Memory corruption (CVE-ID: CVE-2009-0223)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
12) Memory corruption (CVE-ID: CVE-2009-0222)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to boundary error when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file containing sound data, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
13) Integer Overflow or Wraparound (CVE-ID: CVE-2009-0221)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially PowerPoint file containing an invalid record type, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
14) Stack-based buffer overflow (CVE-ID: CVE-2009-0220)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to stack-based buffer overflow when handling malformed PowerPoint files. A remote attacker can create a specially crafted PowerPoint file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Remediation
Install update from vendor's website.