NVD

Id
50344  
Name
CVE-2009-3129  
Description
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory Corruption Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2009-11-11  
Modified Date
2010-09-08  
Seq
2009-3129  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
254829 50344 CVE-2009-3129 20091110 ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability  View
254830 50344 CVE-2009-3129 20091110 Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability  View
254831 50344 CVE-2009-3129 oval:org.mitre.oval:def:6521  View
254832 50344 CVE-2009-3129 14706  View
254833 50344 CVE-2009-3129 MS09-067  View
254834 50344 CVE-2009-3129 36945  View
254835 50344 CVE-2009-3129 1023157  View
254836 50344 CVE-2009-3129 TA09-314A  View
254837 50344 CVE-2009-3129 http://www.zerodayinitiative.com/advisories/ZDI-09-083  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
41378 JVNDB-2009-002385 複数の Microsoft 製品における FEATHEADER レコードの処理に関する任意のコードを実行される脆弱性 複数の Microsoft 製品には、FEATHEADER レコードを持つスプレッドシートの処理に不備があるため、任意のコードを実行される脆弱性が存在します。 CVE-2009-3129 40560 CVE-2009-3129 50344 9.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002385.html 2009-11-10 2015-05-11 View