CVE-2009-3128

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Excel; Excel Viewer
Vendor: CVE Published:; 11 November 2009

Summary

Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer 2003 SP3, does not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a spreadsheet with a malformed record object, aka "Excel SxView Memory Corruption Vulnerability."

References

http://www.securitytracker.com/id?1023157

vdb-entryx_refsource_SECTRACK

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.us-cert.gov/cas/techalerts/TA09-314A.html

third-party-advisoryx_refsource_CERT

EPSS Score

57% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 11, 2009
Vulnerability Reserved
Sep 10, 2009

Collectors

NVD DatabaseMitre Database