Vulnerability Name: CVE-2009-2500 (CCN-53525) Assigned: 2009-10-13 Published: 2009-10-13 Updated: 2018-10-12 Summary: Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability." CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-189 Vulnerability Consequences: Gain Access References: Source: MITRECVE-2009-2500 Microsoft Products GDI+ Multiple Vulnerabilities Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241) Vulnerability in Microsoft Office Could Allow for Remote Code Execution (2639185) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352) Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578) Vulnerability in Microsoft Office Could Allow for Remote Code Execution (2731879) Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319) Vulnerability in Microsoft Works Could Allow Remote Code Execution (KB2754670) Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2780642) Vulnerability in Silverlight Could Allow Remote Code Execution (2814124) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399) Vulnerability in Windows Components Could Allow Remote Code Execution (2848295) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537) Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080) Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084) Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605) Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2949660) Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261) Vulnerability in Windows Journal Could Allow Remote Code Execution (2975689) Vulnerabilities in SQL Server Could Allow Elevation of Privilege (2984340) Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434) Vulnerability in Microsoft Office Could Allow Remote Code Execution (3009710) Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3017301) Vulnerabilities in MicrosoftExcel Could Allow Remote Code Execution (3017347) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664) Security Updates for Microsoft Office (3096440) Security Updates for Microsoft Office to Address Remote Code Execution (3104540) Security Update for Microsoft Office to Address Remote Code Execution (3116111) Security Update for Microsoft Office to Address Remote Code Execution - Critical (3124585) Security Update for Microsoft Office to Address Remote Code Execution (3134226) Security Update for Microsoft Office to Address Remote Code Execution (3141806) Security Update for Microsoft Office (3148775) Security Update for Microsoft Office (3155544) Security Update for Office (3163610) Security Updates for Office (3170008) Security Update for Office (3177451) Security Update for Microsoft Office (3185852) Security Update for Microsoft Office (3194063) Security Update for Microsoft Office (3199168) Security Update for Microsoft Office (3204068) Security Update for Microsoft Office (3214291) Security Update for Microsoft Graphics Component (4013075) Security Update for Microsoft Office (4013241) Multiple Microsoft Windows GDI+ Image Remote Code Execution Vulnerabilities Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (978214) Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094) Vulnerabilities in COM validation in Microsoft Office Could Allow Remote Code Execution (983235 Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638) Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (2269707) Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930) Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095) Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2451879) Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279) Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293) Vulnerability in GDI+ Could Allow Remote Code Execution (2489979) Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146) Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2560978) Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2587505) Microsoft GDI+ WMF File Processing Remote Code Execution Vulnerability TA09-286A MS09-062 win-gdi-wmf-image-code-execution(53525) oval:org.mitre.oval:def:5967 Vulnerable Configuration: Configuration 1 :cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:*:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:* Configuration 2 :cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* AND cpe:/a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:* Configuration 3 :cpe:/a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:* OR cpe:/a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:* Configuration 4 :cpe:/a:microsoft:excel_viewer:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:expression_web:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:expression_web:2:*:*:*:*:*:*:* OR cpe:/a:microsoft:office:2003:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:office:2007:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:office:2007:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office:xp:*:*:*:*:*:*:* OR cpe:/a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:office_groove:2007:*:*:*:*:*:*:* OR cpe:/a:microsoft:office_groove:2007:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:office_powerpoint_viewer:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:office_powerpoint_viewer:2007:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:office_powerpoint_viewer:2007:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office_word_viewer:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:project:2002:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:visio:2002:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:word_viewer:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:word_viewer:2003:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:works:8.5:*:*:*:*:*:*:* Configuration 5 :cpe:/a:microsoft:platform_sdk:*:*:redistrutable_gdi+:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2005:sp1:redistributable_package:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2008:*:redistributable_package:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:* OR cpe:/a:microsoft:visual_studio:2008:*:*:*:*:*:*:* OR cpe:/a:microsoft:visual_studio:2008:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:* Configuration 6 :cpe:/a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:* OR cpe:/a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:* AND cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:microsoft:ie:6.0:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:project:2002:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:visio:2002:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office:xp:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:word_viewer:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:works:8.5:*:*:*:*:*:*:* OR cpe:/a:microsoft:excel_viewer:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:groove_server:2007:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:expression_web:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:office:2003:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:excel_viewer:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:office_word_viewer:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:office_word_viewer:2003:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:* OR cpe:/a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:office:2007:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server_reporting_services:2000:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2005:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2008:*:*:*:*:*:*:* OR cpe:/a:microsoft:forefront_client_security:1.0:*:*:*:*:*:*:* OR cpe:/a:microsoft:expression_web:2:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:office_compatibility_pack:2007:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:powerpoint_viewer:2007:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office:2007:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:powerpoint_viewer:2007:*:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:* OR cpe:/a:microsoft:report_viewer:2008:sp1:redistributable_package:*:*:*:*:* OR cpe:/a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:* AND cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:* Oval Definitions BACK
microsoft windows 2003 server * sp2
microsoft windows 2003 server * sp2
microsoft windows 2003 server * sp2
microsoft windows server 2008 *
microsoft windows server 2008 *
microsoft windows server 2008 *
microsoft windows vista *
microsoft windows vista *
microsoft windows vista * sp1
microsoft windows vista * sp1
microsoft windows xp * sp2
microsoft windows xp * sp2
microsoft windows xp * sp3
microsoft windows 2000 * sp4
microsoft .net framework 1.1 sp1
microsoft .net framework 2.0 sp1
microsoft .net framework 2.0 sp2
microsoft internet explorer 6 sp1
microsoft report viewer 2005 sp1
microsoft report viewer 2008
microsoft report viewer 2008 sp1
microsoft sql server 2005 sp2
microsoft sql server 2005 sp2
microsoft sql server 2005 sp2
microsoft sql server 2005 sp3
microsoft sql server 2005 sp3
microsoft sql server 2005 sp3
microsoft sql server reporting services 2000 sp2
microsoft excel viewer 2003
microsoft excel viewer 2003 sp3
microsoft expression web *
microsoft expression web 2
microsoft office 2003 sp3
microsoft office 2007 sp1
microsoft office 2007 sp2
microsoft office xp
microsoft office compatibility pack 2007 sp1
microsoft office compatibility pack 2007 sp2
microsoft office excel viewer *
microsoft office groove 2007
microsoft office groove 2007 sp1
microsoft office powerpoint viewer *
microsoft office powerpoint viewer 2007 sp1
microsoft office powerpoint viewer 2007 sp2
microsoft office word viewer *
microsoft project 2002 sp1
microsoft visio 2002 sp2
microsoft word viewer 2003
microsoft word viewer 2003 sp3
microsoft works 8.5
microsoft platform sdk *
microsoft report viewer 2005 sp1
microsoft report viewer 2008
microsoft report viewer 2008 sp1
microsoft visual studio 2008
microsoft visual studio 2008 sp1
microsoft visual studio .net 2003 sp1
microsoft visual studio .net 2005 sp1
microsoft forefront client security 1.0
microsoft visual foxpro 8.0 sp1
microsoft visual foxpro 9.0 sp2
microsoft windows 2000 * sp4
microsoft ie 6.0 sp1
microsoft windows xp sp2
microsoft project 2002 sp1
microsoft visio 2002 sp2
microsoft office xp sp3
microsoft word viewer 2003
microsoft works 8.5
microsoft excel viewer 2003
microsoft groove server 2007 sp2
microsoft expression web *
microsoft office 2003 sp3
microsoft excel viewer 2003 sp3
microsoft sql server 2005 sp2
microsoft excel viewer *
microsoft office word viewer *
microsoft office word viewer 2003 sp3
microsoft sql server 2005 sp2
microsoft sql server 2005 sp2
microsoft office compatibility pack 2007 sp1
microsoft office 2007 sp1
microsoft sql server reporting services 2000 sp2
microsoft report viewer 2005 sp1
microsoft report viewer 2008
microsoft forefront client security 1.0
microsoft expression web 2
microsoft windows xp sp3
microsoft office compatibility pack 2007 sp2
microsoft powerpoint viewer 2007 sp2
microsoft office 2007 sp2
microsoft powerpoint viewer 2007
microsoft sql server 2005 sp3
microsoft sql server 2005 sp3
microsoft report viewer 2008 sp1
microsoft sql server 2005 sp3
microsoft windows 2000 - sp4
Denotes that component is vulnerable