Skip to content

Commit 35ce125

Browse files
committed
add: AVE-2025-0019
1 parent bdbdc5b commit 35ce125

1 file changed

Lines changed: 14 additions & 10 deletions

File tree

vulns/2009/AVE-2009-0002.toml

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,16 @@
11
[basic]
2-
description = "Vulnerability identified as CVE-2009-0556. Please refer to vendor advisory for details."
3-
published = "2026-07-10"
4-
remediation = "Refer to vendor advisory and upgrade to fixed version."
5-
score = 5.0
6-
severity = "MEDIUM"
7-
sources = ["kev"]
8-
title = "CVE-2009-0556 vulnerability"
9-
updated = "2026-07-10"
2+
description = "Microsoft Office PowerPoint 2000 SP3、2002 SP3、2003 SP3 以及 Mac 版 Office 2004 中的 PowerPoint 在处理包含无效索引值的 OutlineTextRefAtom 时存在内存破坏漏洞,远程攻击者可通过构造特制的 PPT 或 PPS 文件并诱使用户打开来触发,成功利用可导致任意代码执行。该漏洞在 2009 年 4 月已被在野利用,属于 CISA KEV 已知利用漏洞。"
3+
published = "2009-04-03"
4+
remediation = "安装微软 MS09-017 安全更新修复该漏洞,升级 Office 至最新版本;根据 CISA KEV 要求立即应用厂商缓解措施,或停止使用受影响产品。"
5+
score = 8.8
6+
severity = "HIGH"
7+
sources = ["kev", "nvd"]
8+
title = "Microsoft Office PowerPoint 内存破坏代码执行漏洞"
9+
updated = "2026-06-16"
10+
11+
[affected]
12+
product = "Office PowerPoint"
13+
vendor = "Microsoft"
1014

1115
[exploit]
1216
exp_urls = []
@@ -18,8 +22,8 @@ ave_id = "AVE-2009-0002"
1822
cve_id = "CVE-2009-0556"
1923

2024
[meta]
21-
collected_at = "2026-07-10T12:52:04.537215719+00:00"
25+
collected_at = "2026-07-11T01:07:20+00:00"
2226
status = "completed"
2327

2428
[references]
25-
urls = []
29+
urls = ["https://nvd.nist.gov/vuln/detail/CVE-2009-0556", "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017", "http://www.zerodayinitiative.com/advisories/ZDI-09-019", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"]

0 commit comments

Comments
 (0)