CVE-2009-3130

Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a spreadsheet containing a malformed Binary File Format (aka BIFF) record that triggers memory corruption, aka "Excel Document Parsing Heap Overflow Vulnerability."

Published: Nov 11, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-3130
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
microsoft / open_xml_file_format_converter	-	-
microsoft / office	2008	2008.x
microsoft / office	2004	2004.x
microsoft / excel	2007-sp2	2007-sp2.x
microsoft / excel_viewer	-	-
microsoft / excel	2007-sp1	2007-sp1.x
microsoft / compatibility_pack_word_excel_powerpoint	2007-sp2	2007-sp2.x
microsoft / excel_viewer	2003-sp3	2003-sp3.x
microsoft / excel	2002-sp3	2002-sp3.x
microsoft / compatibility_pack_word_excel_powerpoint	2007-sp1	2007-sp1.x
microsoft / excel	2003-sp3	2003-sp3.x

Vulnerability Database

289,599

CVE-2009-3130