CVE-2009-1515
EPSS 4.2%
Description
Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details are obtained from third party information.
How to fix CVE-2009-1515
To remediate CVE-2009-1515, upgrade the affected package to a fixed version below.
- Debian/file—upgrade to 5.02-1 or later
Is CVE-2009-1515 being exploited?
Low — EPSS is 4.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 5.02-1