Unrated severityNVD Advisory· Published Aug 12, 2009· Updated Apr 23, 2026
CVE-2009-1534
CVE-2009-1534
Description
Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property values, aka "Office Web Components Buffer Overflow Vulnerability."
Affected products
11cpe:2.3:a:microsoft:isa_server:2004:sp3:enterprise:*:*:*:*:*+ 3 more
- cpe:2.3:a:microsoft:isa_server:2004:sp3:enterprise:*:*:*:*:*
- cpe:2.3:a:microsoft:isa_server:2004:sp3:standard:*:*:*:*:*
- cpe:2.3:a:microsoft:isa_server:2006:sp1:enterprise:*:*:*:*:*
- cpe:2.3:a:microsoft:isa_server:2006:sp1:standard:*:*:*:*:*
cpe:2.3:a:microsoft:office_web_components:2000:sp3:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:microsoft:office_web_components:2000:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office_web_components:2003:sp1:2007_microsoft_office:*:*:*:*:*
- cpe:2.3:a:microsoft:office_web_components:2003:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office_web_components:xp:sp3:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- www.securityfocus.com/bid/35992nvdPatch
- www.us-cert.gov/cas/techalerts/TA09-223A.htmlnvdUS Government Resource
- osvdb.org/56916nvd
- www.securitytracker.com/idnvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-043nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6326nvd
News mentions
0No linked articles in our index yet.