<< Back
CVE Number Vulnerability Product Severity Date
MS09-009 Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557) 2007 Microsoft Critical 15-04-2009

Technical Information

Brief overview of the risk:
This security update resolves a privately reported and a publicly disclosed vulnerability. The vulnerabilities could allow remote code execution if the user opens a specially crafted Excel file
Detailed Information on the risk:
A remote code execution vulnerability exists in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed object. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Further information on this exploit is available at : MS09-009

Affected Software

2007 Microsoft Office System Service Pack 1
Microsoft Office 2000 Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Microsoft Office Excel Viewer
Microsoft Office Excel Viewer 2003 Service Pack 3
Microsoft Office XP Service Pack 3