Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cisa_kevCISACISA-KEV-CVE-2009-0557
HistoryJun 08, 2022 - 12:00 a.m.

Microsoft Office Object Record Corruption Vulnerability

2022-06-0800:00:00
CISA
www.cisa.gov
6
microsoft office
object record
corruption
vulnerability
remote attackers
execute code
crafted excel file

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.933

Percentile

99.1%

JSON

Microsoft Office contains an object record corruption vulnerability that allows remote attackers to execute code via a crafted Excel file with a malformed record object.

Related

prion 1
attackerkb 1
cvelist 1
checkpoint_advisories 2
cve 1
nvd 1
securityvulns 2
openvas 2
seebug 1
nessus 2
prion
prion
Memory corruption
2009-06-10 18:30:00
attackerkb
attackerkb
CVE-2009-0557
2009-06-10 00:00:00
cvelist
cvelist
CVE-2009-0557
2009-06-10 18:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Excel OBJ Record Parsing Remote Code Execution - Ver2 (CVE-2009-0557)
2014-03-03 00:00:00
Microsoft Excel Object Record Memory Corruption (MS09-021; CVE-2009-0557)
2009-06-09 00:00:00
cve
cve
CVE-2009-0557
2009-06-10 18:30:00
nvd
nvd
CVE-2009-0557
2009-06-10 18:30:00
securityvulns
securityvulns
Microsoft Security Bulletin MS09-021 - Critical Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)
2009-06-10 00:00:00
Microsoft Excel multiple security vulnerabilities
2009-06-14 00:00:00
openvas
openvas
Microsoft Office Excel Remote Code Execution Vulnerabilities (969462)
2009-06-12 00:00:00
Microsoft Office Excel Remote Code Execution Vulnerabilities (969462)
2009-06-12 00:00:00
seebug
seebug
Microsoft Excelη•Έε½’ε―Ήθ±‘θ§£ζžε€šδΈͺηΌ“ε†²εŒΊζΊ’ε‡ΊζΌζ΄ž(MS09-021)
2009-06-13 00:00:00
nessus
nessus
MS09-021: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)
2009-06-10 00:00:00
MS09-017 / MS09-021 / MS09-027: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (967340 / 969462 / 969514) (Mac OS X)
2010-10-20 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.933

Percentile

99.1%

JSON
Related for CISA-KEV-CVE-2009-0557
prion1attackerkb1cvelist1checkpoint_advisories2cve1nvd1securityvulns2openvas2seebug1nessus2