Vulnerability Details : CVE-2009-1128

Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to memory corruption, aka "PP7 Memory Corruption Vulnerability," a different vulnerability than CVE-2009-1129.
Publish Date : 2009-05-12 Last Update Date : 2017-09-28

Collapse All Expand All Select Select&Copy	Scroll To Vendor Statements(0) Additional Vendor Data(0) OVAL Definitions(0) Vulnerable Products(0) # Of Vulns By Products References(0) Metasploit Modules(0)	Comments View User Comments Add Comment	External Links Secunia Advisories XForce Advisories Vulnerability Details at NVD Vulnerability Details at Mitre Nessus Plugins Linux Kernel Git Repository First CVSS Guide
Search Twitter Search YouTube Search Google

- CVSS Scores & Vulnerability Types

CVSS Score	9.3
Confidentiality Impact	Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact	Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact	Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity	Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication	Not required (Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)	Execute CodeMemory corruption
CWE ID	94

- Related OVAL Definitions

Title	Definition Id	Class	Family
PP7 Memory Corruption Vulnerability	oval:org.mitre.oval:def:5416		windows

OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2009-1128

#	Product Type	Vendor	Product	Version	Update
1	Application	Microsoft	Office Powerpoint	2000	SP3	Version Details Vulnerabilities
2	Application	Microsoft	Office Powerpoint	2002	SP3	Version Details Vulnerabilities
3	Application	Microsoft	Office Powerpoint	2003	SP3	Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor	Product	Vulnerable Versions
Microsoft	Office Powerpoint	3

- References For CVE-2009-1128

http://www.vupen.com/english/advisories/2009/1290
VUPEN ADV-2009-1290

http://www.us-cert.gov/cas/techalerts/TA09-132A.html
CERT TA09-132A

http://www.securitytracker.com/id?1022205
SECTRACK 1022205

http://www.securityfocus.com/bid/34837
BID 34837 Microsoft PowerPoint Sound Data (CVE-2009-1128) Multiple Remote Code Execution Vulnerabilities Release Date:2009-05-13

http://technet.microsoft.com/en-us/security/bulletin/ms09-017
Microsoft Security Bulletin MS09-017 Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340) This security update resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. An attacker who successfully exploited any of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

- Metasploit Modules Related To CVE-2009-1128

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)