CVE-2009-0563CISA KEVEPSS p99.1%

CVE-2009-0563Microsoft Office Buffer Overflow Vulnerability

Microsoft / Office

Description

Microsoft Office contains a buffer overflow vulnerability that allows remote attackers to execute code via a Word document with a crafted tag containing an invalid length field.

Scoring

EPSS63.08% probability of exploitation · percentile 99.1% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2022-06-08

(incoming)1

TypeTargetConfidenceTier
KEVEntryMicrosoft Office Buffer Overflow Vulnerabilitykev-cve-2009-05630%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Microsoft Office Stack-based Buffer Overflow Vulnerability
CVE
Microsoft Office Object Record Corruption Vulnerability
CVE
Microsoft Office Memory Corruption Vulnerability
CVE
CVE-2025-54910
CVE
Microsoft Office PowerPoint Code Injection Vulnerability
CVE
Microsoft Word Malformed Object Pointer Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.