|
|
|||
| Rule General Information |
|---|
| Release Date: | 2015-12-22 | |
| Rule Name: | WEB-ACTIVEX Microsoft Office Web Components Activex Control Remote Code Execution Vulnerability -1 (CVE-2009-1534) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property values, aka "Office Web Components Buffer Overflow Vulnerability." | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows | |
| Reference: | http://www.microsoft.com/technet/security/Bulletin/MS09-043.mspx SecurityFocusBID:35992 SecurityTrackerID:1022708 |
|
| Solutions |
|---|
| Microsoft has released a patch MS09-043 to eliminate the vulnerability. The patch can be downloaded at http://www.microsoft.com/technet/security/Bulletin/MS09-043.mspx |