CVE-2009-3130
Summary
| CVE | CVE-2009-3130 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2009-11-11 20:30:00 UTC |
| Updated | 2018-10-12 21:52:00 UTC |
| Description | Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a spreadsheet containing a malformed Binary File Format (aka BIFF) record that triggers memory corruption, aka "Excel Document Parsing Heap Overflow Vulnerability." |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Compatibility Pack Word Excel Powerpoint | 2007 | sp1 | All | All |
| Application | Microsoft | Compatibility Pack Word Excel Powerpoint | 2007 | sp2 | All | All |
| Application | Microsoft | Compatibility Pack Word Excel Powerpoint | 2007 | sp1 | All | All |
| Application | Microsoft | Compatibility Pack Word Excel Powerpoint | 2007 | sp2 | All | All |
| Application | Microsoft | Excel | 2002 | sp3 | All | All |
| Application | Microsoft | Excel | 2003 | sp3 | All | All |
| Application | Microsoft | Excel | 2007 | sp1 | All | All |
| Application | Microsoft | Excel | 2007 | sp2 | All | All |
| Application | Microsoft | Excel | 2002 | sp3 | All | All |
| Application | Microsoft | Excel | 2003 | sp3 | All | All |
| Application | Microsoft | Excel | 2007 | sp1 | All | All |
| Application | Microsoft | Excel | 2007 | sp2 | All | All |
| Application | Microsoft | Excel Viewer | All | sp1 | All | All |
| Application | Microsoft | Excel Viewer | All | sp2 | All | All |
| Application | Microsoft | Excel Viewer | 2003 | sp3 | All | All |
| Application | Microsoft | Excel Viewer | All | sp1 | All | All |
| Application | Microsoft | Excel Viewer | All | sp2 | All | All |
| Application | Microsoft | Excel Viewer | 2003 | sp3 | All | All |
| Application | Microsoft | Office | 2004 | All | mac | All |
| Application | Microsoft | Office | 2008 | All | mac | All |
| Application | Microsoft | Office | 2004 | All | mac | All |
| Application | Microsoft | Office | 2008 | All | mac | All |
| Application | Microsoft | Open Xml File Format Converter | All | All | mac | All |
| Application | Microsoft | Open Xml File Format Converter | All | All | mac | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Microsoft Security Bulletin MS09-067 - Important | Microsoft Docs | MS | docs.microsoft.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| US-CERT Technical Cyber Security Alert TA09-314A -- Microsoft Updates for Multiple Vulnerabilities | CERT | www.us-cert.gov | US Government Resource |
| Microsoft Excel Bugs Let Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.