CVE-2009-0556

Published Apr 3, 2009

Last updated 17 days ago

Overview

Description
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an invalid index value that triggers memory corruption, as exploited in the wild in April 2009 by Exploit:Win32/Apptom.gen, aka "Memory Corruption Vulnerability."
Source
secure@microsoft.com
NVD status
Deferred
Products
office_powerpoint, powerpoint

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

CVSS 2.0

Type
Primary
Base score
9.3
Impact score
10
Exploitability score
8.6
Vector string
AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov
CWE-94
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-94

Social media

Hype score
Not currently trending
  1. “🚨 CISA KEV Update (Jan 7, 2026): Two actively exploited vulns now federally prioritized! •  CVE-2025-37164 (HPE OneView): Unauth code injection → RCE. Patch by Jan 28! •  CVE-2009-0556 (Old MS Office PowerPoint): Arbitrary code exec via malformed files. Still biti

    @CyberAlliance26

    12 Jan 2026


  2. 🚨 CISA KEV Alert: Exploited HPE OneView RCE + Legacy PowerPoint RCE Resurface CISA added HPE OneView’s unauthenticated RCE (CVE-2025-37164, CVSS 10) and a legacy PowerPoint code-exec bug (CVE-2009-0556) to KEV, with a federal remediation deadline of Jan 28, 2026. OneView has

    @ThreatSynop

    8 Jan 2026


  3. 🚨 CISA adds two vulnerabilities to the KEV Catalog https://t.co/9idGUAHIKd CVE-2009-0556: Microsoft Office PowerPoint Code Injection Vulnerability CVSS: 9.3 CVE-2025-37164: Hewlett Packard Enterprise OneView Code Injection Vulnerability CVSS: 10

    @DarkWebInformer

    8 Jan 2026


  4. 🚨 CISA Adds HPE OneView (CVE-2025-37164) and PowerPoint (CVE-2009-0556) to KEV Amid Active Exploitation CISA added HPE OneView’s max-severity unauthenticated code-injection/RCE flaw (CVE-2025-37164) and a legacy Microsoft PowerPoint code-injection issue (CVE-2009-0556) to th

    @ThreatSynop

    8 Jan 2026


  5. 🚨 CISA Adds Microsoft Office PowerPoint and HPE OneView RCE Bugs to KEV After Active Exploitation Signals CISA added CVE-2009-0556 (Microsoft Office PowerPoint memory-corruption/code-injection) and CVE-2025-37164 (unauthenticated RCE in HPE OneView) to the Known Exploited

    @ThreatSynop

    8 Jan 2026


  6. 🛡️ We added Microsoft Office PowerPoint (CVE-2009-0556) & HPE OneView (CVE-2025-37164) code injection vulnerabilities to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecuri

    @CISACyber

    7 Jan 2026


Configurations

References

Sources include official advisories and independent security research.