CVE-2009-2528 vulnerability in Microsoft Products
Published on October 14, 2009

GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."

Vendor Advisory NVD

Products Associated with CVE-2009-2528

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2009-2528 are published in these products:

Microsoft Windows 2003 Server

Microsoft Windows XP

Microsoft Windows Vista

Microsoft Windows Server 2008

Microsoft Report Viewer

Microsoft Sql Server Reporting Services

Microsoft SQL Server

Microsoft Expression Web

Microsoft Project

Microsoft Office Powerpoint Viewer

Microsoft Office Excel Viewer

Microsoft Office Word Viewer

Microsoft Office Compatibility Pack

Microsoft Office

Microsoft Excel Viewer

Microsoft Visio

Microsoft Works

Microsoft Word Viewer

Microsoft Office Groove

Microsoft Visual Studio Net

Microsoft Visual Studio

Microsoft Platform Sdk

Exploit Probability

EPSS

41.20%

Percentile

97.31%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2009-2528 vulnerability in Microsoft ProductsPublished on October 14, 2009

Products Associated with CVE-2009-2528

Exploit Probability

CVE-2009-2528 vulnerability in Microsoft Products
Published on October 14, 2009