CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0557

Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Object Record Corruption Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.863

EPSS Ranking 99.3%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 9.3

Proposed Action

Microsoft Office contains an object record corruption vulnerability that allows remote attackers to execute code via a crafted Excel file with a malformed record object.

Ransomware Campaign

Unknown

References

Products affected by CVE-2009-0557

Microsoft » Office » Version: 2000

cpe:2.3:a:microsoft:office:2000
Microsoft » Office » Version: 2003

cpe:2.3:a:microsoft:office:2003
Microsoft » Office » Version: 2004

cpe:2.3:a:microsoft:office:2004
Microsoft » Office » Version: 2007

cpe:2.3:a:microsoft:office:2007
Microsoft » Office » Version: 2008

cpe:2.3:a:microsoft:office:2008
Microsoft » Office » Version: xp

cpe:2.3:a:microsoft:office:xp
Microsoft » Office Compatibility Pack » Version: 2007

cpe:2.3:a:microsoft:office_compatibility_pack:2007
Microsoft » Office Excel Viewer » Version: N/A

cpe:2.3:a:microsoft:office_excel_viewer:-
Microsoft » Office Excel Viewer » Version: 2003

cpe:2.3:a:microsoft:office_excel_viewer:2003
Microsoft » Office Sharepoint Server » Version: 2007

cpe:2.3:a:microsoft:office_sharepoint_server:2007
Microsoft » Open Xml File Format Converter » Version: N/A

cpe:2.3:a:microsoft:open_xml_file_format_converter:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0557

Products

Pricing

Contact Us