Remote Code Execution Vulnerability in Microsoft Excel 2007 and Viewers
CVE-2009-1134

Currently unrated

Key Information:

Vendor

Microsoft
Status
Open Xml File Format Converter
Office
Office Excel
Office Sharepoint Server
Vendor
CVE Published:
10 June 2009

What is CVE-2009-1134?

A vulnerability exists in Microsoft Excel 2007, the Excel Viewer, and the Office Compatibility Pack that allows attackers to execute arbitrary code. This issue arises from a flaw in handling BIFF files, specifically related to a malformed Qsir record. When a user opens a malicious BIFF file, it could lead to corruption in record pointers, putting the system at risk of unauthorized code execution. Affected users should take immediate action to secure their software environment against potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/35246
vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/504213/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2009/1540
vdb-entryx_refsource_VUPEN

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.