CVE-2009-2518

2009-10-14 12:30:01 2018-10-12 23:52:00

Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote attackers to execute arbitrary code via an Office document with a bitmap (aka BMP) image that triggers memory corruption, aka "Office BMP Integer Overflow Vulnerability."

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Microsoft Office XP Service Pack 3

Microsoft - Office

Advisory	Patch	Confirmed	Link
			TA09-286A
			MS09-062

KB958869 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB970892 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB970894 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB970895 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB970896 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB970899 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB971022 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB971023 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB971104 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB971105 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB971108 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB971110 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB971111 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB971117 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB971118 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB971119 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB972221 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB972222 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB972580 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB972581 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB973636 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB974811 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB975337 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB975365 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution KB975962 | MS09-062 - Vulnerabilities in GDI+ Could Allow Remote Code Execution

Numeric Errors (ID 189)