What is CVE-2009-2501?

CVE-2009-2501 is a vulnerability in N/a. Published 2009-10-14.

Is CVE-2009-2501 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2009-2501

Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Vi…

EPSS: 0.542 (98.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

TA09-286A (x_refsource_CERT, third-party-advisory)
oval:org.mitre.oval:def:5800 (x_refsource_OVAL, signature, vdb-entry)
MS09-062 (x_refsource_MS, vendor-advisory)

Frequently asked questions

What is CVE-2009-2501?: CVE-2009-2501 is a vulnerability in N/a. Published 2009-10-14.
Is CVE-2009-2501 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.