Remote Code Execution Vulnerability in Microsoft Excel Products
CVE-2009-3132

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Excel; Excel Viewer
Vendor: CVE Published:; 11 November 2009

Summary

The vulnerability arises from a flaw in Microsoft Excel that enables remote attackers to execute arbitrary code through specially crafted spreadsheets containing a malformed formula. This issue, known as a pointer corruption problem, affects various versions of Microsoft Excel and can lead to unauthorized access and manipulation of sensitive data.

References

http://www.securitytracker.com/id?1023157

vdb-entryx_refsource_SECTRACK

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.us-cert.gov/cas/techalerts/TA09-314A.html

third-party-advisoryx_refsource_CERT

EPSS Score

56% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 11, 2009
Vulnerability Reserved
Sep 10, 2009