CVE-2009-0556

Name of the Vulnerable Software and Affected Versions Microsoft Office PowerPoint 2000 SP3 Microsoft Office PowerPoint 2002 SP3 Microsoft Office PowerPoint 2003 SP3 Microsoft Office PowerPoint 2004 for Mac

Description A flaw in Microsoft Office PowerPoint allows remote attackers to execute arbitrary code. This occurs due to the way PowerPoint handles specially crafted PowerPoint files containing an invalid index value within an OutlineTextRefAtom, leading to memory corruption. This issue has been exploited in the wild since April 2009, utilizing the Exploit:Win32/Apptom.gen exploit. The vulnerability is a code injection issue.

Recommendations Microsoft Office PowerPoint 2000 SP3: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Microsoft Office PowerPoint 2002 SP3: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Microsoft Office PowerPoint 2003 SP3: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Microsoft Office PowerPoint 2004 for Mac: At the moment, there is no information about a newer version that contains a fix for this vulnerability.