CVE-2009-3128
Published Nov 11, 2009
Last updated 6 years ago
Overview
- Description
- Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer 2003 SP3, does not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a spreadsheet with a malformed record object, aka "Excel SxView Memory Corruption Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-94
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:compatibility_pack_word_excel_powerpoint:2007:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EB896B5-611E-4457-B438-C6CC937D63FF"
},
{
"criteria": "cpe:2.3:a:microsoft:compatibility_pack_word_excel_powerpoint:2007:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F9109ED-34C9-45E0-9E8B-FC05054E0F73"
},
{
"criteria": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF"
},
{
"criteria": "cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CEBB33CD-CACF-4EB8-8B5F-8E1CB8D7A440"
},
{
"criteria": "cpe:2.3:a:microsoft:excel:2007:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F703901F-AD7C-42E7-BBFA-529A8C510D83"
},
{
"criteria": "cpe:2.3:a:microsoft:excel:2007:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "273729C3-56BF-454A-8697-473094EA828F"
},
{
"criteria": "cpe:2.3:a:microsoft:excel_viewer:*:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E8D1DDD-8996-43A3-9FC7-60539E09CFC4"
},
{
"criteria": "cpe:2.3:a:microsoft:excel_viewer:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D65CAA23-16D8-4AE7-8BC4-F73B1C5F9C3B"
},
{
"criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9409A9BD-1E9B-49B8-884F-8FE569D8AA25"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BA91840-371C-4282-9F7F-B393F785D260"
},
{
"criteria": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3807A4E4-EB58-47B6-AD98-6ED464DEBA4E"
}
],
"operator": "OR"
}
]
}
]