Vulnerability Description
Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property values, aka "Office Web Components Buffer Overflow Vulnerability."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Biztalk Server | 2002 |
| Microsoft | Isa Server | 2004 |
| Microsoft | Office | - |
| Microsoft | Office Web Components | 2000 |
| Microsoft | Visual Studio .Net | 2003 |
Related Weaknesses (CWE)
References
- http://osvdb.org/56916
- http://www.securityfocus.com/bid/35992Patch
- http://www.securitytracker.com/id?1022708
- http://www.us-cert.gov/cas/techalerts/TA09-223A.htmlUS Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-04
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://osvdb.org/56916
- http://www.securityfocus.com/bid/35992Patch
- http://www.securitytracker.com/id?1022708
- http://www.us-cert.gov/cas/techalerts/TA09-223A.htmlUS Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-04
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2009-1534?
CVE-2009-1534 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 ...
How severe is CVE-2009-1534?
CVE-2009-1534 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1534?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Biztalk Server, Microsoft Isa Server, Microsoft Office, Microsoft Office Web Components, Microsoft Visual Studio .Net.