CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS09-009 | Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557) | 2007 Microsoft | Critical | 15-04-2009 |
Technical Information
Brief overview of the risk:
This security update resolves a privately reported and a publicly disclosed vulnerability. The vulnerabilities could allow remote code execution if the user opens a specially crafted Excel file
Detailed Information on the risk:
A remote code execution vulnerability exists in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed object. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Further information on this exploit is available at : MS09-009
Affected Software
2007 Microsoft Office System Service Pack 1Microsoft Office 2000 Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Microsoft Office Excel Viewer
Microsoft Office Excel Viewer 2003 Service Pack 3
Microsoft Office XP Service Pack 3