CVE-2009-0556

⚠ KEVEPSS 68.3%

Microsoft Office PowerPoint Code Injection Vulnerability

Added to CISA KEV: 1/7/2026

Description

Microsoft Office PowerPoint contains a code injection vulnerability that allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an invalid index value that triggers memory corruption.

Affected packages (0)

No package mapping in OSV.