top of page
perceptive_background_267k.jpg

Microsoft Office PowerPoint contains a code injection vulnerability that allows remote attackers to execute arbitrary code via a PowerPoint file with an Outlineā€¦

Published:

7 januari 2026 om 00:00:00

Alert date:

7 januari 2026 om 19:02:29

Source:

cisa.gov

Click to open the original link from this advisory

Microsoft Office PowerPoint contains a code injection vulnerability (CVE-2009-0556) that allows remote attackers to execute arbitrary code through malicious PowerPoint files. The vulnerability is triggered by a PowerPoint file containing an OutlineTextRefAtom with an invalid index value that causes memory corruption. Attackers can exploit this flaw to gain remote code execution on affected systems. This is a high-severity vulnerability that was addressed in Microsoft's MS09-017 security bulletin. The vulnerability affects PowerPoint's handling of specific file structures and can be exploited without user authentication.

Technical details

Mitigation steps:

Affected products:

Microsoft Office PowerPoint

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2009-0556
https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page