Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-09-083
HistoryNov 10, 2009 - 12:00 a.m.

Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability

2009-11-1000:00:00
Anonymous
www.zerodayinitiative.com
20

EPSS

0.972

Percentile

99.9%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious spreadsheet. The specific flaw exists in the handling of Shared Feature Header (0x867) tags in an Excel BIFF file format. When processing the cbHdrData size element of the FEATHEADER it is possible to directly control the distance of a calculated pointer. This condition can be leveraged successfully to execute arbitrary code under the context of the currently logged in user.

Related

packetstorm 2
seebug 2
checkpoint_advisories 2
cve 1
zdt 1
exploitdb 2
exploitpack 3
cisa_kev 1
nvd 1
securityvulns 5
attackerkb 1
cvelist 1
prion 1
threatpost 2
thn 2
openvas 2
nessus 2
packetstorm
packetstorm
Microsoft Excel Featheader Buffer Overflow
2010-08-24 00:00:00
Microsoft Excel Malformed FEATHEADER Record Vulnerability
2010-02-15 00:00:00
seebug
seebug
MS Excel Malformed FEATHEADER Record Exploit (MS09-067)
2014-07-01 00:00:00
Microsoft Excel FEATHEADER记录内存破坏漏洞(MS09-067)
2009-11-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Excel Featheader Record Memory Corruption (MS09-067) - Ver2 (CVE-2009-3129)
2014-03-03 00:00:00
Microsoft Office Excel Featheader Record Memory Corruption (MS09-067; CVE-2009-3129)
2009-11-10 00:00:00
cve
cve
CVE-2009-3129
2009-11-11 19:30:00
zdt
zdt
MS Excel Malformed FEATHEADER Record Exploit
2010-08-28 00:00:00
exploitdb
exploitdb
Microsoft Excel - FEATHEADER Record (MS09-067)
2010-08-21 00:00:00
Microsoft Excel - Malformed FEATHEADER Record (MS09-067) (Metasploit)
2010-09-25 00:00:00
exploitpack
exploitpack
Microsoft-Excel-Malformed-FEATHEADER
2015-01-07 13:02:44
Microsoft-Excel-Record
2009-01-19 00:00:00
Microsoft Excel - FEATHEADER Record (MS09-067)
2010-08-21 00:00:00
cisa_kev
cisa_kev
Microsoft Excel Featheader Record Memory Corruption Vulnerability
2022-03-03 00:00:00
nvd
nvd
CVE-2009-3129
2009-11-11 19:30:00
securityvulns
securityvulns
ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
2009-11-11 00:00:00
ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
2009-11-11 00:00:00
iDefense Security Advisory 11.10.09: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability
2009-11-11 00:00:00
attackerkb
attackerkb
CVE-2009-3129
2009-11-11 00:00:00
cvelist
cvelist
CVE-2009-3129
2009-11-11 19:00:00
prion
prion
Memory corruption
2009-11-11 19:30:00
threatpost
threatpost
Researchers Uncover Targeted Attack Campaign Using Android Malware
2013-03-26 14:14:02
Inside the 1,000 Red October Cyberespionage Malware Modules
2013-01-17 19:20:06
thn
thn
Operation Red October : Cyber Espionage campaign against many Governments
2013-01-15 10:49:00
Operation Red October : Cyber Espionage campaign against many Governments
2013-01-14 23:49:00
openvas
openvas
Microsoft Office Excel Multiple Vulnerabilities (972652)
2009-11-11 00:00:00
Microsoft Office Excel Multiple Vulnerabilities (972652)
2009-11-11 00:00:00
nessus
nessus
MS09-067 / MS09-068: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (972652 / 976307) (Mac OS X)
2010-10-20 00:00:00
MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652)
2009-11-10 00:00:00

EPSS

0.972

Percentile

99.9%

JSON
Related for ZDI-09-083
packetstorm2seebug2checkpoint_advisories2cve1zdt1exploitdb2exploitpack3cisa_kev1nvd1securityvulns5attackerkb1cvelist1prion1threatpost2thn2openvas2nessus2