Test ID:	1.3.6.1.4.1.25623.1.0.800382
Category:	Windows : Microsoft Bulletins
Title:	Microsoft PowerPoint File Parsing Remote Code Execution Vulnerability (967340)
Summary:	This host is missing a critical security update according to; Microsoft Bulletin MS09-017.
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS09-017. Vulnerability Insight: Please see the references for more information about the vulnerabilities. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary codes, and can cause Memory Corruption, Integer Overflow and other attacks in the context of the application through crafting malicious codes inside a powerpoint file. Affected Software/OS: MS PowerPoint 2000 Service Pack 3 and prior MS PowerPoint 2002 Service Pack 3 and prior MS PowerPoint 2003 Service Pack 3 and prior MS PowerPoint 2007 Service Pack 2 and prior MS PowerPoint Viewer 2003/2007 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0556 BugTraq ID: 34351 http://www.securityfocus.com/bid/34351 Bugtraq: 20090512 ZDI-09-019: Microsoft Office PowerPoint OutlineTextRefAtom Parsing Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/503453/100/0/threaded Cert/CC Advisory: TA09-132A http://www.us-cert.gov/cas/techalerts/TA09-132A.html CERT/CC vulnerability note: VU#627331 http://www.kb.cert.org/vuls/id/627331 http://www.zerodayinitiative.com/advisories/ZDI-09-019 Microsoft Security Bulletin: MS09-017 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017 http://osvdb.org/53182 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6204 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6279 http://www.securitytracker.com/id?1021967 http://secunia.com/advisories/34572 http://www.vupen.com/english/advisories/2009/0915 http://www.vupen.com/english/advisories/2009/1290 XForce ISS Database: powerpoint-unspecified-code-execution(49632) https://exchange.xforce.ibmcloud.com/vulnerabilities/49632 Common Vulnerability Exposure (CVE) ID: CVE-2009-0220 BugTraq ID: 34833 http://www.securityfocus.com/bid/34833 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=790 http://osvdb.org/54386 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5610 http://www.securitytracker.com/id?1022205 http://secunia.com/advisories/32428 Common Vulnerability Exposure (CVE) ID: CVE-2009-0221 BugTraq ID: 34835 http://www.securityfocus.com/bid/34835 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=796 http://osvdb.org/54394 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6127 Common Vulnerability Exposure (CVE) ID: CVE-2009-0222 BugTraq ID: 34831 http://www.securityfocus.com/bid/34831 http://www.vupen.com/exploits/Microsoft_PowerPoint_Memory_Corruption_Code_Execution_Exploit_MS09_017_1290124.php http://www.vupen.com/exploits/Microsoft_PowerPoint_Pointer_Overwrite_Code_Execution_Exploit_MS09_017_1290123.php http://osvdb.org/54382 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6143 Common Vulnerability Exposure (CVE) ID: CVE-2009-0223 BugTraq ID: 34834 http://www.securityfocus.com/bid/34834 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6269 Common Vulnerability Exposure (CVE) ID: CVE-2009-0224 BugTraq ID: 34879 http://www.securityfocus.com/bid/34879 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=793 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6023 Common Vulnerability Exposure (CVE) ID: CVE-2009-0225 BugTraq ID: 34880 http://www.securityfocus.com/bid/34880 http://www.vupen.com/exploits/Microsoft_PowerPoint_Array_Indexing_Code_Execution_Exploit_MS09_017_1290125.php http://osvdb.org/54388 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5526 Common Vulnerability Exposure (CVE) ID: CVE-2009-0226 BugTraq ID: 34881 http://www.securityfocus.com/bid/34881 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=789 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6106 Common Vulnerability Exposure (CVE) ID: CVE-2009-0227 BugTraq ID: 34882 http://www.securityfocus.com/bid/34882 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=787 http://osvdb.org/54384 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6239 Common Vulnerability Exposure (CVE) ID: CVE-2009-1128 BugTraq ID: 34837 http://www.securityfocus.com/bid/34837 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5416 Common Vulnerability Exposure (CVE) ID: CVE-2009-1129 BugTraq ID: 34839 http://www.securityfocus.com/bid/34839 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=791 http://osvdb.org/54387 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6176 Common Vulnerability Exposure (CVE) ID: CVE-2009-1130 BugTraq ID: 34840 http://www.securityfocus.com/bid/34840 Bugtraq: 20090512 ZDI-09-020: Microsoft Office PowerPoint Notes Container Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/503454 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=794 http://www.zerodayinitiative.com/advisories/ZDI-09-020/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5961 Common Vulnerability Exposure (CVE) ID: CVE-2009-1131 BugTraq ID: 34841 http://www.securityfocus.com/bid/34841 Bugtraq: 20090512 Secunia Research: Microsoft PowerPoint Atom Parsing Buffer Overflows (Google Search) http://www.securityfocus.com/archive/1/503451 http://secunia.com/secunia_research/2008-46/ http://osvdb.org/54393 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5351 Common Vulnerability Exposure (CVE) ID: CVE-2009-1137 BugTraq ID: 34876 http://www.securityfocus.com/bid/34876 http://osvdb.org/54381 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5946 XForce ISS Database: powerpoint-sounddata-code-execution(50425) https://exchange.xforce.ibmcloud.com/vulnerabilities/50425 Common Vulnerability Exposure (CVE) ID: CVE-2009-0202 BugTraq ID: 35275 http://www.securityfocus.com/bid/35275 Bugtraq: 20090610 Secunia Research: Microsoft PowerPoint Freelance Layout Parsing Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504215/100/0/threaded http://secunia.com/secunia_research/2009-29/ http://www.osvdb.org/54961 http://securitytracker.com/id?1022369 http://secunia.com/advisories/35184 XForce ISS Database: ms-powerpoint-freelance-bo(51034) https://exchange.xforce.ibmcloud.com/vulnerabilities/51034
Copyright	Copyright (C) 2009 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.