Lucene search

[email protected]CVE-2009-3133

HistoryNov 11, 2009 - 8:30 p.m.

CVE-2009-3133

2009-11-1120:30:00

CWE-94

[email protected]

web.nvd.nist.gov

microsoft

office

excel

vulnerability

remote code execution

memory corruption

nvd

cve-2009-3133

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.32 Low

EPSS

Percentile

97.0%

JSON

Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a spreadsheet containing a malformed object that triggers memory corruption, related to “loading Excel records,” aka “Excel Document Parsing Memory Corruption Vulnerability.”

Affected configurations

NVD

Node

microsoftcompatibility_pack_word_excel_powerpointMatch2007sp1

microsoftcompatibility_pack_word_excel_powerpointMatch2007sp2

microsoftexcelMatch2002sp3

microsoftexcelMatch2003sp3

microsoftexcelMatch2007sp1

microsoftexcelMatch2007sp2

microsoftexcel_viewersp1

microsoftexcel_viewersp2

microsoftexcel_viewerMatch2003sp3

microsoftofficeMatch2004mac

microsoftofficeMatch2008mac

microsoftopen_xml_file_format_convertermac

CPENameOperatorVersion
microsoft:compatibility_pack_word_excel_powerpointmicrosoft compatibility pack word excel powerpointeq2007
microsoft:excelmicrosoft exceleq2002
microsoft:excelmicrosoft exceleq2003
microsoft:excelmicrosoft exceleq2007
microsoft:excel_viewermicrosoft excel viewereq*
microsoft:excel_viewermicrosoft excel viewereq2003
microsoft:officemicrosoft officeeq2004
microsoft:officemicrosoft officeeq2008
microsoft:open_xml_file_format_convertermicrosoft open xml file format convertereq*

CPE	Name	Operator	Version
microsoft:compatibility_pack_word_excel_powerpoint	microsoft compatibility pack word excel powerpoint	eq	2007
microsoft:excel	microsoft excel	eq	2002
microsoft:excel	microsoft excel	eq	2003
microsoft:excel	microsoft excel	eq	2007
microsoft:excel_viewer	microsoft excel viewer	eq	*
microsoft:excel_viewer	microsoft excel viewer	eq	2003
microsoft:office	microsoft office	eq	2004
microsoft:office	microsoft office	eq	2008
microsoft:open_xml_file_format_converter	microsoft open xml file format converter	eq	*