cvelistv5 - cve-2009-0238

CVE-2009-0238 (GCVE-0-2009-0238)

Vulnerability from cvelistv5

Published

2009-02-25 16:00

Modified

2024-08-07 04:24

Severity ?

CWE

Summary

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.

References

URL

Tags

secure@microsoft.com	http://blogs.zdnet.com/security/?p=2658
secure@microsoft.com	http://isc.sans.org/diary.html?storyid=5923
secure@microsoft.com	http://securitytracker.com/id?1021744
secure@microsoft.com	http://www.microsoft.com/technet/security/advisory/968272.mspx	Vendor Advisory
secure@microsoft.com	http://www.securityfocus.com/bid/33870
secure@microsoft.com	http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2009/1023
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/48875
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968
af854a3a-2127-422b-91ae-364da2661108	http://blogs.zdnet.com/security/?p=2658
af854a3a-2127-422b-91ae-364da2661108	http://isc.sans.org/diary.html?storyid=5923
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021744
af854a3a-2127-422b-91ae-364da2661108	http://www.microsoft.com/technet/security/advisory/968272.mspx	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33870
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1023
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/48875
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:18.463Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/968272.mspx"
          },
          {
            "name": "ADV-2009-1023",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1023"
          },
          {
            "name": "ms-excel-unspecified-code-execution(48875)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48875"
          },
          {
            "name": "TA09-104A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
          },
          {
            "name": "33870",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33870"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99"
          },
          {
            "name": "MS09-009",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009"
          },
          {
            "name": "oval:org.mitre.oval:def:5968",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isc.sans.org/diary.html?storyid=5923"
          },
          {
            "name": "1021744",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021744"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blogs.zdnet.com/security/?p=2658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-02-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.microsoft.com/technet/security/advisory/968272.mspx"
        },
        {
          "name": "ADV-2009-1023",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1023"
        },
        {
          "name": "ms-excel-unspecified-code-execution(48875)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48875"
        },
        {
          "name": "TA09-104A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
        },
        {
          "name": "33870",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33870"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99"
        },
        {
          "name": "MS09-009",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009"
        },
        {
          "name": "oval:org.mitre.oval:def:5968",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isc.sans.org/diary.html?storyid=5923"
        },
        {
          "name": "1021744",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021744"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blogs.zdnet.com/security/?p=2658"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-0238",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.microsoft.com/technet/security/advisory/968272.mspx",
              "refsource": "CONFIRM",
              "url": "http://www.microsoft.com/technet/security/advisory/968272.mspx"
            },
            {
              "name": "ADV-2009-1023",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1023"
            },
            {
              "name": "ms-excel-unspecified-code-execution(48875)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48875"
            },
            {
              "name": "TA09-104A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
            },
            {
              "name": "33870",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33870"
            },
            {
              "name": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99",
              "refsource": "MISC",
              "url": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99"
            },
            {
              "name": "MS09-009",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009"
            },
            {
              "name": "oval:org.mitre.oval:def:5968",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968"
            },
            {
              "name": "http://isc.sans.org/diary.html?storyid=5923",
              "refsource": "MISC",
              "url": "http://isc.sans.org/diary.html?storyid=5923"
            },
            {
              "name": "1021744",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021744"
            },
            {
              "name": "http://blogs.zdnet.com/security/?p=2658",
              "refsource": "MISC",
              "url": "http://blogs.zdnet.com/security/?p=2658"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-0238",
    "datePublished": "2009-02-25T16:00:00",
    "dateReserved": "2009-01-20T00:00:00",
    "dateUpdated": "2024-08-07T04:24:18.463Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-0238\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2009-02-25T16:30:00.343\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.\"},{\"lang\":\"es\",\"value\":\"Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3 y 2007 SP1; Excel Viewer 2003 Gold y SP3; Excel Viewer; Compatibility Pack para Word, Excel y PowerPoint 2007 File Formats SP1; y Excel de Microsoft Office 2004 y 2008 para Mac; permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento Excel manipulado que provoca un intento de acceso a un objeto no v\u00e1lido, tal y como se ha explotado libremente en Febrero 2009 por MDropper.XR.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2004:*:mac:*:*:*:*:*\",\"matchCriteriaId\":\"CE1A1218-8033-4F3C-B8D7-7D1D61A273E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"971EC323-267F-4DAF-BA3B-10A47A9F1ADA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*\",\"matchCriteriaId\":\"5BA91840-371C-4282-9F7F-B393F785D260\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5C94F2C-786B-45E4-B80A-FC668D917014\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_excel:2000:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"806086B6-AB83-4008-A1A2-73BC35A95925\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_excel:2002:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECDF1C1D-EF63-4A3E-AEE2-2D2D9FDBF368\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_excel:2003:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD22DBA8-40B0-4197-9D56-38D5D9E1ED89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_excel:2007:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"297A9F48-13DF-4042-AC21-B8B764B217BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A2613CE-C469-43AE-A590-87CE1FAADA8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_excel_viewer:2003:gold:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2289060-BDF3-4F45-B256-FE3DBA8181E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office_excel_viewer:2003:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B18C291F-57C2-4328-8FCF-3C1A27B0D18D\"}]}]}],\"references\":[{\"url\":\"http://blogs.zdnet.com/security/?p=2658\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://isc.sans.org/diary.html?storyid=5923\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://securitytracker.com/id?1021744\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.microsoft.com/technet/security/advisory/968272.mspx\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/33870\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-104A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1023\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/48875\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://blogs.zdnet.com/security/?p=2658\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://isc.sans.org/diary.html?storyid=5923\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1021744\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.microsoft.com/technet/security/advisory/968272.mspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/33870\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-104A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/48875\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2009-0238

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2009-0238

Aliases

CVE-2009-0238

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-0238",
    "description": "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.",
    "id": "GSD-2009-0238"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-0238"
      ],
      "details": "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.",
      "id": "GSD-2009-0238",
      "modified": "2023-12-13T01:19:43.707027Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2009-0238",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.microsoft.com/technet/security/advisory/968272.mspx",
            "refsource": "CONFIRM",
            "url": "http://www.microsoft.com/technet/security/advisory/968272.mspx"
          },
          {
            "name": "ADV-2009-1023",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1023"
          },
          {
            "name": "ms-excel-unspecified-code-execution(48875)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48875"
          },
          {
            "name": "TA09-104A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
          },
          {
            "name": "33870",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/33870"
          },
          {
            "name": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99",
            "refsource": "MISC",
            "url": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99"
          },
          {
            "name": "MS09-009",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009"
          },
          {
            "name": "oval:org.mitre.oval:def:5968",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968"
          },
          {
            "name": "http://isc.sans.org/diary.html?storyid=5923",
            "refsource": "MISC",
            "url": "http://isc.sans.org/diary.html?storyid=5923"
          },
          {
            "name": "1021744",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1021744"
          },
          {
            "name": "http://blogs.zdnet.com/security/?p=2658",
            "refsource": "MISC",
            "url": "http://blogs.zdnet.com/security/?p=2658"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office_excel:2007:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office_excel:2000:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office_excel:2002:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office_excel:2003:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office_excel_viewer:2003:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office_excel_viewer:2003:gold:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:excel:2004:*:mac:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-0238"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.microsoft.com/technet/security/advisory/968272.mspx",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.microsoft.com/technet/security/advisory/968272.mspx"
            },
            {
              "name": "33870",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/33870"
            },
            {
              "name": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99"
            },
            {
              "name": "http://isc.sans.org/diary.html?storyid=5923",
              "refsource": "MISC",
              "tags": [],
              "url": "http://isc.sans.org/diary.html?storyid=5923"
            },
            {
              "name": "1021744",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1021744"
            },
            {
              "name": "http://blogs.zdnet.com/security/?p=2658",
              "refsource": "MISC",
              "tags": [],
              "url": "http://blogs.zdnet.com/security/?p=2658"
            },
            {
              "name": "TA09-104A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
            },
            {
              "name": "ADV-2009-1023",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/1023"
            },
            {
              "name": "ms-excel-unspecified-code-execution(48875)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48875"
            },
            {
              "name": "oval:org.mitre.oval:def:5968",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968"
            },
            {
              "name": "MS09-009",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-12T21:50Z",
      "publishedDate": "2009-02-25T16:30Z"
    }
  }
}

CERTA-2009-AVI-147

Vulnerability from certfr_avis

Une vulnérabilité a été identifiée dans Microsoft Excel. L'exploitation de cette vulnérabilité permet à une personne malveillante d'exécuter du code arbitraire à distance par le biais d'un document spécialement construit.

Description

Une vulnérabilité a été identifiée dans l'application bureautique Microsoft Excel.

Cette vulnérabilité est due à la mauvaise interprétation de certains objets des documents XLS, provoquant ainsi une corruption de mémoire. L'exploitation de cette vulnérabilité permet à une personne malintentionnée d'exécuter du code arbitraire via un document XLS spécialement construit.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Office	Microsoft Office Excel 2007 Service Pack 1 ;
Microsoft	Office	Microsoft Office 2008 pour Mac.
Microsoft	Office	Microsoft Office Excel Viewer 2003 ;
Microsoft	Office	Microsoft Office Excel Viewer ;
Microsoft	Office	Microsoft Office Excel 2000 Service Pack 3 ;
Microsoft	Office	Microsoft Office Compatibility Pack pour Word, Excel et Powerpoint 2007, Service Pack 1 ;
Microsoft	Office	Microsoft Office Excel Viewer 2003 Service Pack 3 ;
Microsoft	Office	Microsoft Office Excel 2003 Service Pack 3 ;
Microsoft	Office	Microsoft Office 2004 pour Mac ;
Microsoft	Office	Microsoft Office Excel 2002 Service Pack 3 ;

References

Title

Publication Time

Tags

Bulletin de sécurité MS09-009 du 14 avril 2009	None	vendor-advisory
Alerte du CERTA numéro CERTA-2009-ALE-002 du 25 février 2009 :	-	other
Bulletin de sécurité Microsoft MS09-009 du 14 avril 2009 :	-	other
Bulletin de sécurité Microsoft MS09-009 du 14 avril 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Office Excel 2007 Service Pack 1 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2008 pour Mac.",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel Viewer 2003 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel Viewer ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel 2000 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Compatibility Pack pour Word, Excel et Powerpoint 2007, Service Pack 1 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel Viewer 2003 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel 2003 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2004 pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel 2002 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans l\u0027application bureautique\nMicrosoft Excel.\n\nCette vuln\u00e9rabilit\u00e9 est due \u00e0 la mauvaise interpr\u00e9tation de certains\nobjets des documents XLS, provoquant ainsi une corruption de m\u00e9moire.\nL\u0027exploitation de cette vuln\u00e9rabilit\u00e9 permet \u00e0 une personne\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire via un document XLS\nsp\u00e9cialement construit.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0238"
    },
    {
      "name": "CVE-2009-0100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0100"
    }
  ],
  "initial_release_date": "2009-04-15T00:00:00",
  "last_revision_date": "2009-04-15T00:00:00",
  "links": [
    {
      "title": "Alerte du CERTA num\u00e9ro CERTA-2009-ALE-002 du 25 f\u00e9vrier    2009 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ALE-002/index.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-009 du 14 avril 2009 :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-009.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-009 du 14 avril 2009 :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS09-009.mspx"
    }
  ],
  "reference": "CERTA-2009-AVI-147",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans \u003cspan class=\"textit\"\u003eMicrosoft\nExcel\u003c/span\u003e. L\u0027exploitation de cette vuln\u00e9rabilit\u00e9 permet \u00e0 une\npersonne malveillante d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance par le\nbiais d\u0027un document sp\u00e9cialement construit.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Excel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 MS09-009 du 14 avril 2009",
      "url": null
    }
  ]
}

fkie_cve-2009-0238

Vulnerability from fkie_nvd

Published

2009-02-25 16:30

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secure@microsoft.com	http://blogs.zdnet.com/security/?p=2658
secure@microsoft.com	http://isc.sans.org/diary.html?storyid=5923
secure@microsoft.com	http://securitytracker.com/id?1021744
secure@microsoft.com	http://www.microsoft.com/technet/security/advisory/968272.mspx	Vendor Advisory
secure@microsoft.com	http://www.securityfocus.com/bid/33870
secure@microsoft.com	http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2009/1023
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/48875
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968
af854a3a-2127-422b-91ae-364da2661108	http://blogs.zdnet.com/security/?p=2658
af854a3a-2127-422b-91ae-364da2661108	http://isc.sans.org/diary.html?storyid=5923
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021744
af854a3a-2127-422b-91ae-364da2661108	http://www.microsoft.com/technet/security/advisory/968272.mspx	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33870
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-104A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1023
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/48875
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968

Impacted products

Vendor	Product	Version
microsoft	excel	2004
microsoft	excel_viewer	*
microsoft	office	2008
microsoft	office_compatibility_pack	2007
microsoft	office_excel	2000
microsoft	office_excel	2002
microsoft	office_excel	2003
microsoft	office_excel	2007
microsoft	office_excel_viewer	*
microsoft	office_excel_viewer	2003
microsoft	office_excel_viewer	2003

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:excel:2004:*:mac:*:*:*:*:*",
              "matchCriteriaId": "CE1A1218-8033-4F3C-B8D7-7D1D61A273E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "971EC323-267F-4DAF-BA3B-10A47A9F1ADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*",
              "matchCriteriaId": "5BA91840-371C-4282-9F7F-B393F785D260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C5C94F2C-786B-45E4-B80A-FC668D917014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel:2000:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "806086B6-AB83-4008-A1A2-73BC35A95925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel:2002:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "ECDF1C1D-EF63-4A3E-AEE2-2D2D9FDBF368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "AD22DBA8-40B0-4197-9D56-38D5D9E1ED89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel:2007:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "297A9F48-13DF-4042-AC21-B8B764B217BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2613CE-C469-43AE-A590-87CE1FAADA8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:2003:gold:*:*:*:*:*:*",
              "matchCriteriaId": "D2289060-BDF3-4F45-B256-FE3DBA8181E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_excel_viewer:2003:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "B18C291F-57C2-4328-8FCF-3C1A27B0D18D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC."
    },
    {
      "lang": "es",
      "value": "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3 y 2007 SP1; Excel Viewer 2003 Gold y SP3; Excel Viewer; Compatibility Pack para Word, Excel y PowerPoint 2007 File Formats SP1; y Excel de Microsoft Office 2004 y 2008 para Mac; permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento Excel manipulado que provoca un intento de acceso a un objeto no v\u00e1lido, tal y como se ha explotado libremente en Febrero 2009 por MDropper.XR."
    }
  ],
  "id": "CVE-2009-0238",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-02-25T16:30:00.343",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://blogs.zdnet.com/security/?p=2658"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://isc.sans.org/diary.html?storyid=5923"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://securitytracker.com/id?1021744"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.microsoft.com/technet/security/advisory/968272.mspx"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/33870"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2009/1023"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48875"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blogs.zdnet.com/security/?p=2658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://isc.sans.org/diary.html?storyid=5923"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.microsoft.com/technet/security/advisory/968272.mspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2009-ALE-002

Vulnerability from certfr_alerte

Une vulnérabilité a été identifiée sur Microsoft Excel. L'exploitation de cette dernière par le biais d'un document spécialement conçu permet à une personne malveillante d'exécuter du code arbitraire à distance sur un poste ayant une version vulnérable de l'application.

Description

Une vulnérabilité a été identifiée sur l'application bureautique Microsoft Excel.

L'exploitation de cette vulnérabilité par le biais d'un document XLS spécialement conçu permet à une personne malveillante d'exécuter du code arbitraire à distance sur un poste ayant une version vulnérable de l'application.

Contournement provisoire

Dans l'attente d'un correctif, plusieurs mesures permettent de réduire l'impact de l'exploitation de cette vulnérabilité :

travailler avec un compte utilisateur aux droits restreints (principe du moindre privilège) ;
utiliser l'outil de conversion MOICE (Microsoft Office Isolated Conversion Environment) pour convertir tout fichier XLS en XSLX avant son ouverture ;
activer la mesure (très restrictive) FileBlock, imposant l'ouverture unique des fichiers au nouveau format XML. Les détails pratiques se trouvent dans l'avis de sécurité Microsoft ;
utiliser un logiciel alternatif (visualisateur, tableur ou suite bureautique) ;
n'ouvrir que des documents issus de sources de confiance ;
être circonspect à l'égard des pièces jointes de courriels et des documents téléchargés.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Office	Microsoft Office Excel 2007 Service Pack 1 ;
Microsoft	Office	Microsoft Office 2008 pour Mac.
Microsoft	Office	Microsoft Office Excel Viewer 2003 ;
Microsoft	Office	Microsoft Office Excel Viewer ;
Microsoft	Office	Microsoft Office Excel 2000 Service Pack 3 ;
Microsoft	Office	Microsoft Office Compatibility Pack pour Word, Excel et Powerpoint 2007, Service Pack 1 ;
Microsoft	Office	Microsoft Office Excel Viewer 2003 Service Pack 3 ;
Microsoft	Office	Microsoft Office Excel 2003 Service Pack 3 ;
Microsoft	Office	Microsoft Office 2004 pour Mac ;
Microsoft	Office	Microsoft Office Excel 2002 Service Pack 3 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-009 du 14 avril 2009	None	vendor-advisory
Avis de sécurité Microsoft 968272 du 24 février 2009	None	vendor-advisory
Article du bloc-notes MSRC correspondant :	-	other
Article du bloc-notes SWI correspondant :	-	other
Référence CVE CVE-2009-0238 :	-	other
Avis du CERTA numéro CERTA-2009-AVI-147 du 15 avril 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Office Excel 2007 Service Pack 1 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2008 pour Mac.",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel Viewer 2003 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel Viewer ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel 2000 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Compatibility Pack pour Word, Excel et Powerpoint 2007, Service Pack 1 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel Viewer 2003 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel 2003 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office 2004 pour Mac ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Office Excel 2002 Service Pack 3 ;",
      "product": {
        "name": "Office",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2009-04-15",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e sur l\u0027application bureautique\nMicrosoft Excel.\n\nL\u0027exploitation de cette vuln\u00e9rabilit\u00e9 par le biais d\u0027un document XLS\nsp\u00e9cialement con\u00e7u permet \u00e0 une personne malveillante d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance sur un poste ayant une version vuln\u00e9rable de\nl\u0027application.\n\n## Contournement provisoire\n\nDans l\u0027attente d\u0027un correctif, plusieurs mesures permettent de r\u00e9duire\nl\u0027impact de l\u0027exploitation de cette vuln\u00e9rabilit\u00e9\u00a0:\n\n-   travailler avec un compte utilisateur aux droits restreints\n    (principe du moindre privil\u00e8ge)\u00a0;\n-   utiliser l\u0027outil de conversion MOICE (Microsoft Office Isolated\n    Conversion Environment) pour convertir tout fichier XLS en XSLX\n    avant son ouverture\u00a0;\n-   activer la mesure (tr\u00e8s restrictive) FileBlock, imposant l\u0027ouverture\n    unique des fichiers au nouveau format XML. Les d\u00e9tails pratiques se\n    trouvent dans l\u0027avis de s\u00e9curit\u00e9 Microsoft\u00a0;\n-   utiliser un logiciel alternatif (visualisateur, tableur ou suite\n    bureautique)\u00a0;\n-   n\u0027ouvrir que des documents issus de sources de confiance\u00a0;\n-   \u00eatre circonspect \u00e0 l\u0027\u00e9gard des pi\u00e8ces jointes de courriels et des\n    documents t\u00e9l\u00e9charg\u00e9s.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-0100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0100"
    },
    {
      "name": "CVE-2009-0238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0238"
    }
  ],
  "initial_release_date": "2009-02-25T00:00:00",
  "last_revision_date": "2009-04-15T00:00:00",
  "links": [
    {
      "title": "Article du bloc-notes MSRC correspondant :",
      "url": "http://blogs.technet.com/msrc/archive/2009/02/24/microsoft-security-advisory-968272.aspx"
    },
    {
      "title": "Article du bloc-notes SWI correspondant :",
      "url": "http://blogs.technet.com/swi/archive/2009/02/24/more-information-about-the-new-excel-vulnerability.aspx"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2009-0238 :",
      "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0238"
    },
    {
      "title": "Avis du CERTA num\u00e9ro CERTA-2009-AVI-147 du 15 avril 2009 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ALE-002/index.html"
    }
  ],
  "reference": "CERTA-2009-ALE-002",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-02-25T00:00:00.000000"
    },
    {
      "description": "ajout du lien vers le correctif.",
      "revision_date": "2009-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e sur Microsoft Excel. L\u0027exploitation\nde cette derni\u00e8re par le biais d\u0027un document sp\u00e9cialement con\u00e7u permet \u00e0\nune personne malveillante d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance sur\nun poste ayant une version vuln\u00e9rable de l\u0027application.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Excel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-009 du 14 avril 2009",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-009.mspx"
    },
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Microsoft 968272 du 24 f\u00e9vrier 2009",
      "url": "http://www.microsoft.com/technet/security/advisory/968272.mspx"
    }
  ]
}

ghsa-qw7j-w352-g8m7

Vulnerability from github

Published

2022-05-02 03:13

Modified

2022-05-02 03:13

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-0238"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-02-25T16:30:00Z",
    "severity": "HIGH"
  },
  "details": "Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.",
  "id": "GHSA-qw7j-w352-g8m7",
  "modified": "2022-05-02T03:13:43Z",
  "published": "2022-05-02T03:13:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0238"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48875"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968"
    },
    {
      "type": "WEB",
      "url": "http://blogs.zdnet.com/security/?p=2658"
    },
    {
      "type": "WEB",
      "url": "http://isc.sans.org/diary.html?storyid=5923"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1021744"
    },
    {
      "type": "WEB",
      "url": "http://www.microsoft.com/technet/security/advisory/968272.mspx"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/33870"
    },
    {
      "type": "WEB",
      "url": "http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-104A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1023"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2009-0238 (GCVE-0-2009-0238)

Vulnerability from cvelistv5

gsd-2009-0238

Vulnerability from gsd

CERTA-2009-AVI-147

Vulnerability from certfr_avis

Description

Solution

fkie_cve-2009-0238

Vulnerability from fkie_nvd

CERTA-2009-ALE-002

Vulnerability from certfr_alerte

Description

Contournement provisoire

Solution

ghsa-qw7j-w352-g8m7

Vulnerability from github

Tags

Sightings

Nomenclature