Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-0220

EPSS 70.61% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-0220

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple stack-based buffer overflows in the PowerPoint 4.0 importer (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via crafted formatting data for paragraphs in a file that uses a PowerPoint 4.0 native file format, related to (1) an incorrect calculation from a record header, or (2) an interget that is used to specify the number of bytes to copy, aka "Legacy File Format Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft PowerPoint PP4X32.DLL库多个栈溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft PowerPoint是美国微软(Microsoft)公司的Office套件中的一个文档演示工具。 PowerPoint的PP4X32.DLL库所提供的PowerPoint 4.0格式文件导入器中存在多个栈溢出漏洞。第一个溢出出现在从文件读取记录头的过程中:由于错误的计算了缓冲区大小,可能会导致溢出;第二个溢出出现在从文件读取记录数据的过程中:从文件读取的整数被用于控制拷贝到固定大小栈缓冲区的字节数,这也可能会导致溢出。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2009-0220

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2009-0220

登录查看更多情报信息。

Same Patch Batch · n/a · 2009-05-12 · 27 CVEs total

CVE-2008-6807Ibiblio Osprey 'ListRecords.php'多个远程文件包含漏洞
CVE-2009-1627SDP Downloader ASX文件处理堆溢出漏洞
CVE-2009-1626EZ-Blog 'public/specific.php' SQL注入漏洞
CVE-2009-1625Thickbox Gallery 'index.php' 本地文件包含漏洞
CVE-2009-1624Dew-Code Dew-NewPHPLinks 'index.php' 本地文件目录遍历漏洞
CVE-2009-1623Dew-Code Dew-NewPHPLinks 'index.php' 本地文件包含和跨站脚本攻击漏洞
CVE-2009-1622ECShop 'user.php' SQL注入漏洞
CVE-2009-1621OpenCart 'index.php' 本地文件目录遍历漏洞
CVE-2009-1620MataChat 'input.php' 多个跨站脚本攻击漏洞
CVE-2009-1619Teraway FileStream twFSadmin cookieCookie认证绕过漏洞
CVE-2009-1618Teraway LinkTracker TWLHadmin cookie Cookie认证绕过漏洞
CVE-2009-1617Teraway LinkTracker twLTadmin Cookie认证绕过漏洞
CVE-2008-6808Scripts For Sites EZ Link Directory 'links.php' SQL注入漏洞
CVE-2009-0221Microsoft PowerPoint无效记录类型整数溢出漏洞
CVE-2008-68067-Shop 'imageupload.php'任意文件上传漏洞
CVE-2009-1137Microsoft PowerPoint PP4X32.DLL库栈溢出漏洞
CVE-2009-1131Microsoft PowerPoint 数据越界栈溢出漏洞
CVE-2009-1130Microsoft PowerPoint Notes容器堆溢出漏洞
CVE-2009-1129Microsoft PowerPoint PP7X32.DLL库栈溢出漏洞
CVE-2009-1128Microsoft PowerPoint PP7X32.DLL 多个栈溢出漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2009-0220

No comments yet

Leave a comment