Excel Memory Corruption Vulnerability in Microsoft Office Products by Microsoft
CVE-2009-0558

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Office Excel; Office Sharepoint Server
Vendor: CVE Published:; 10 June 2009

What is CVE-2009-0558?

A memory corruption issue exists in Excel software of Microsoft Office 2000 SP3 and Office versions 2004 and 2008 for Mac, as well as in the Open XML File Format Converter for Mac. This vulnerability allows attackers to exploit crafted Excel files, leading to arbitrary code execution due to an error in array index handling when parsing malformed record objects. Successful exploitation can compromise the system's integrity by executing untrusted commands, thereby posing a significant security risk for users.

References

http://www.vupen.com/english/advisories/2009/1540

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/archive/1/504188/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/35242

vdb-entryx_refsource_BID

EPSS Score

55% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 10, 2009
Vulnerability Reserved
Feb 12, 2009