Memory Corruption Vulnerability in Microsoft Excel Software Suite
CVE-2009-3127

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Excel; Excel Viewer
Vendor: CVE Published:; 11 November 2009

Summary

A vulnerability in Microsoft Office Excel products arises from improper parsing of Excel file formats. This flaw may allow remote attackers to exploit crafted spreadsheets for executing arbitrary code, jeopardizing the security of affected systems. Users of Microsoft Office Excel 2002 SP3, 2003 SP3, 2004 and 2008 for Mac, as well as Open XML File Format Converter and Excel Viewer 2003 SP3 are particularly at risk.

References

http://www.securitytracker.com/id?1023157

vdb-entryx_refsource_SECTRACK

http://www.us-cert.gov/cas/techalerts/TA09-314A.html

third-party-advisoryx_refsource_CERT

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

60% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 11, 2009
Vulnerability Reserved
Sep 10, 2009