Remote Code Execution Vulnerability in Microsoft Office Web Components
CVE-2009-1136

Currently unrated

Key Information:

Vendor

Microsoft
Status
Office Web Components
Isa Server
Office
Office Xp
Vendor
CVE Published:
15 July 2009

What is CVE-2009-1136?

The Microsoft Office Web Components Spreadsheet ActiveX control, used within various versions of Microsoft Office and Internet Explorer, is susceptible to exploitation through a tailored call to the msDataSourceObject method. This vulnerability may allow remote attackers to execute arbitrary code on affected systems, potentially leading to significant security breaches. It was notably exploited in the wild during mid-2009, necessitating immediate attention and remediation. Users of affected products should prioritize applying patches and updates to mitigate risks associated with this security flaw.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://isc.sans.org/diary.html?storyid=6778
x_refsource_MISC
http://www.us-cert.gov/cas/techalerts/TA09-223A.html
third-party-advisoryx_refsource_CERT

EPSS Score

84% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.