Excel Field Sanitization Vulnerability in Microsoft Office Products
CVE-2009-3134

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Excel; Excel Viewer
Vendor: CVE Published:; 11 November 2009

What is CVE-2009-3134?

The Excel Field Sanitization Vulnerability exposes certain Microsoft Office products to remote code execution risks. This flaw occurs due to improper parsing of the Excel file format, which can be exploited by attackers through specially crafted Excel spreadsheets containing malformed record objects. Successful exploitation enables attackers to execute arbitrary code on the victim's system, potentially leading to unauthorized access and data breaches.

References

http://www.securitytracker.com/id?1023157

vdb-entryx_refsource_SECTRACK

http://www.us-cert.gov/cas/techalerts/TA09-314A.html

third-party-advisoryx_refsource_CERT

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

57% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2009
Vulnerability Reserved
Sep 10, 2009