CVE-2009-0560

CWE-3994 documents4 sources

Severity

9.3CRITICAL

EPSS

60.6%

top 1.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Office Microsoft Office Excel Microsoft Office Excel Viewer +1 more

Timeline

PublishedJun 10

Latest updateMay 2

Description

Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Field Sanitization Memo…

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages4 packages

▶NVDmicrosoft/office_excel_viewer2003

▶NVDmicrosoft/office_excel2000, 2003, 2007+2

▶NVDmicrosoft/office2004, 2008, xp+2

▶NVDmicrosoft/office_sharepoint_server2007

🔴Vulnerability Details

GHSA

GHSA-34jv-9f93-hq2f: Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP↗2022-05-02

▶

CVEList

CVE-2009-0560: Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP↗2009-06-10

▶

💥Exploits & PoCs

Exploit-DB

Cisco VPN Client - Integer Overflow Denial of Service↗2009-11-21

▶