Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-3129
HistoryNov 11, 2009 - 7:30 p.m.

CVE-2009-3129

2009-11-1119:30:00
CWE-94
[email protected]
web.nvd.nist.gov
843
In Wild
1
cve-2009-3129
microsoft office
excel
mac
open xml
security vulnerability
remote code execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.969 High

EPSS

Percentile

99.7%

JSON

Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka “Excel Featheader Record Memory Corruption Vulnerability.”

Affected configurations

NVD
Node
microsoftcompatibility_pack_word_excel_powerpointMatch2007sp1
OR
microsoftcompatibility_pack_word_excel_powerpointMatch2007sp2
OR
microsoftexcelMatch2002sp3
OR
microsoftexcelMatch2003sp3
OR
microsoftexcelMatch2007sp1
OR
microsoftexcelMatch2007sp2
OR
microsoftexcel_viewersp1
OR
microsoftexcel_viewersp2
OR
microsoftexcel_viewerMatch2003sp3
OR
microsoftofficeMatch2004mac
OR
microsoftofficeMatch2008mac
OR
microsoftopen_xml_file_format_convertermac

Social References

More

Related

packetstorm 2
seebug 2
checkpoint_advisories 2
cisa_kev 1
nvd 1
exploitpack 3
zdi 1
attackerkb 1
securityvulns 5
cvelist 1
prion 1
exploitdb 1
threatpost 2
thn 2
nessus 2
openvas 2
packetstorm
packetstorm
Microsoft Excel Featheader Buffer Overflow
2010-08-24 00:00:00
Microsoft Excel Malformed FEATHEADER Record Vulnerability
2010-02-15 00:00:00
seebug
seebug
MS Excel Malformed FEATHEADER Record Exploit (MS09-067)
2014-07-01 00:00:00
Microsoft Excel FEATHEADER记录内存破坏漏洞(MS09-067)
2009-11-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Excel Featheader Record Memory Corruption (MS09-067; CVE-2009-3129)
2009-11-10 00:00:00
Microsoft Office Excel Featheader Record Memory Corruption (MS09-067) - Ver2 (CVE-2009-3129)
2014-03-03 00:00:00
cisa_kev
cisa_kev
Microsoft Excel Featheader Record Memory Corruption Vulnerability
2022-03-03 00:00:00
nvd
nvd
CVE-2009-3129
2009-11-11 19:30:00
exploitpack
exploitpack
Microsoft-Excel-Malformed-FEATHEADER
2015-01-07 13:02:44
Microsoft Excel - FEATHEADER Record (MS09-067)
2010-08-21 00:00:00
Microsoft-Excel-Record
2009-01-19 00:00:00
zdi
zdi
Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
2009-11-10 00:00:00
attackerkb
attackerkb
CVE-2009-3129
2009-11-11 00:00:00
securityvulns
securityvulns
ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
2009-11-11 00:00:00
ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
2009-11-11 00:00:00
iDefense Security Advisory 11.10.09: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability
2009-11-11 00:00:00
cvelist
cvelist
CVE-2009-3129
2009-11-11 19:00:00
prion
prion
Memory corruption
2009-11-11 19:30:00
exploitdb
exploitdb
Microsoft Excel - FEATHEADER Record (MS09-067)
2010-08-21 00:00:00
threatpost
threatpost
Researchers Uncover Targeted Attack Campaign Using Android Malware
2013-03-26 14:14:02
Inside the 1,000 Red October Cyberespionage Malware Modules
2013-01-17 19:20:06
thn
thn
Operation Red October : Cyber Espionage campaign against many Governments
2013-01-15 10:49:00
Operation Red October : Cyber Espionage campaign against many Governments
2013-01-14 23:49:00
nessus
nessus
MS09-067 / MS09-068: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (972652 / 976307) (Mac OS X)
2010-10-20 00:00:00
MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)
2009-11-10 00:00:00
openvas
openvas
Microsoft Office Excel Multiple Vulnerabilities (972652)
2009-11-11 00:00:00
Microsoft Office Excel Multiple Vulnerabilities (972652)
2009-11-11 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.969 High

EPSS

Percentile

99.7%

JSON
Related for CVE-2009-3129
packetstorm2seebug2checkpoint_advisories2cisa_kev1nvd1exploitpack3zdi1attackerkb1securityvulns5cvelist1prion1exploitdb1threatpost2thn2nessus2openvas2