Memory Corruption Vulnerability in Microsoft Excel Products
CVE-2009-0100

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office; Office Excel Viewer; Office Compatibility Pack For Word Excel Ppt 2007; Office Excel
Vendor: CVE Published:; 15 April 2009

Summary

A memory corruption vulnerability exists in multiple versions of Microsoft Excel that arises during the parsing of specially crafted spreadsheet files. Attackers could exploit this vulnerability by delivering a malicious Excel file, potentially allowing them to execute arbitrary code on the victim's machine when the file is opened. This flaw affects numerous versions of Excel on both Windows and Mac platforms, making it crucial for users to implement security updates to mitigate risks.

References

http://www.vupen.com/english/advisories/2009/1023

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/archive/1/502696/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.us-cert.gov/cas/techalerts/TA09-104A.html

third-party-advisoryx_refsource_CERT

EPSS Score

63% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 15, 2009
Vulnerability Reserved
Jan 8, 2009