CVE-2009-0556CISA KEVEPSS p99.2%

CVE-2009-0556Microsoft Office PowerPoint Code Injection Vulnerability

Microsoft / Office

Description

Microsoft Office PowerPoint contains a code injection vulnerability that allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an invalid index value that triggers memory corruption.

Scoring

EPSS67.54% probability of exploitation · percentile 99.2% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2026-01-07

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft Office PowerPoint Code Injection Vulnerabilitykev-cve-2009-05560%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Microsoft PowerPoint Memory Corruption Vulnerability
CVE
Microsoft PowerPoint Buffer Overflow Vulnerability
CVE
Microsoft Office Buffer Overflow Vulnerability
CVE
Microsoft Office Object Record Corruption Vulnerability
CVE
Microsoft Office Memory Corruption Vulnerability
CVE
Microsoft Office Stack-based Buffer Overflow Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.