New Search

Office Web Components Heap Corruption Vulnerability

oval:org.mitre.oval:def:5645

Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3 Office 2003 SP3 Office XP Web Components SP3 Office 2003 Web Components SP3 Office 2003 Web Components SP1 for the 2007 Microsoft Office System Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1 and Office Small Business Accounting 2006 allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods aka "Office Web Components Heap Corruption Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Vista
  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2008
Class:
vulnerability
Reference(s):
  • CVE-2009-2496
Product(s):
  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office XP
  • Microsoft Office 2003 Web Components
  • Microsoft Office Small Business Accounting 2006
  • Microsoft Internet Security and Acceleration Server 2004
  • Microsoft Internet Security and Acceleration Server 2006
  • Microsoft Office XP Web Components