PT-2009-3208 · Microsoft · Office Xp+2

Publicado

2009-06-10

Atualizado

2018-10-12

CVE-2009-0559

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel versions in Microsoft Office 2000 SP3 and Office XP SP3

Description A remote code execution issue exists in Microsoft Office Excel, allowing attackers to execute arbitrary code via a crafted Excel file with a malformed record object. If successfully exploited, an attacker could take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Office 2000 SP3 and Office XP SP3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2009-0559

Produtos afetados

Office 2000

Office Excel

Office Xp

PT-2009-3208 · Microsoft · Office Xp+2

CVE-2009-0559

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9