Memory Corruption Vulnerability in Microsoft Excel Products
CVE-2009-0560

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Office Excel; Office Sharepoint Server
Vendor: CVE Published:; 10 June 2009

Summary

A memory corruption vulnerability exists in various versions of Microsoft Excel, which allows remote attackers to execute arbitrary code. This vulnerability can be exploited by sending a specially crafted Excel file containing a malformed record object. Successful exploitation could lead to unauthorized access to system resources, potentially allowing attackers to gain control over the affected system. Users of impacted versions are advised to apply security updates from Microsoft to mitigate risks associated with this vulnerability.

References

http://www.vupen.com/english/advisories/2009/1540

vdb-entryx_refsource_VUPEN

http://osvdb.org/54956

vdb-entryx_refsource_OSVDB

http://www.securitytracker.com/id?1022351

vdb-entryx_refsource_SECTRACK

EPSS Score

66% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 10, 2009
Vulnerability Reserved
Feb 12, 2009