CVE-2009-3133

Description

Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a spreadsheet containing a malformed object that triggers memory corruption, related to "loading Excel records," aka "Excel Document Parsing Memory Corruption Vulnerability."

Affected products

• Microsoft / compatibility_pack_word_excel_powerpoint2007 – 2007
• Microsoft / compatibility_pack_word_excel_powerpoint2007 – 2007
• Microsoft / Excel2002 – 2002
• Microsoft / Excel2003 – 2003
• Microsoft / Excel2007 – 2007
• Microsoft / Excel2007 – 2007
• Microsoft / excel_viewer
• Microsoft / excel_viewer
• Microsoft / excel_viewer2003 – 2003
• Microsoft / office2004 – 2004
• Microsoft / office2008 – 2008
• Microsoft / open_xml_file_format_converter

References

• MISChttp://www.securitytracker.com/id?1023157
• MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6265
• MISChttp://www.us-cert.gov/cas/techalerts/TA09-314A.html
• MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-067