Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Cache Memory Corruption Vulnerability."
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:06
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securitytracker.com/id?1023157 - | |
References | () http://www.us-cert.gov/cas/techalerts/TA09-314A.html - US Government Resource | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-067 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6146 - |
Information
Published : 2009-11-11 19:30
Updated : 2024-11-21 01:06
NVD link : CVE-2009-3127
Mitre link : CVE-2009-3127
CVE.ORG link : CVE-2009-3127
JSON object : View
Products Affected
microsoft
- open_xml_file_format_converter
- excel_viewer
- compatibility_pack_word_excel_powerpoint
- excel
- office
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')