Unrated severityNVD Advisory· Published Aug 12, 2009· Updated Jun 16, 2026
CVE-2009-1534
CVE-2009-1534
Description
Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property values, aka "Office Web Components Buffer Overflow Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:a:microsoft:isa_server:2004:sp3:enterprise:*:*:*:*:*+ 3 more
- cpe:2.3:a:microsoft:isa_server:2004:sp3:enterprise:*:*:*:*:*
- cpe:2.3:a:microsoft:isa_server:2004:sp3:standard:*:*:*:*:*
- cpe:2.3:a:microsoft:isa_server:2006:sp1:enterprise:*:*:*:*:*
- cpe:2.3:a:microsoft:isa_server:2006:sp1:standard:*:*:*:*:*
cpe:2.3:a:microsoft:office_web_components:2000:sp3:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:microsoft:office_web_components:2000:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office_web_components:2003:sp1:2007_microsoft_office:*:*:*:*:*
- cpe:2.3:a:microsoft:office_web_components:2003:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office_web_components:xp:sp3:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
6- www.securityfocus.com/bid/35992nvdPatch
- www.us-cert.gov/cas/techalerts/TA09-223A.htmlnvdUS Government Resource
- osvdb.org/56916nvd
- www.securitytracker.com/idnvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-043nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6326nvd
News mentions
0No linked articles in our index yet.