CVE-2009-3133

Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel versions prior to the fixed version Office 2004 and 2008 for Mac versions prior to the fixed version Open XML File Format Converter for Mac versions prior to the fixed version

Description: A remote code execution issue exists due to memory corruption when loading Excel records. This could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed object. An attacker who successfully exploits this issue could take complete control of an affected system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations: For Microsoft Office Excel, update to a version that includes the fix for this issue. For Office 2004 and 2008 for Mac, update to a version that includes the fix for this issue. For Open XML File Format Converter for Mac, update to a version that includes the fix for this issue. As a temporary workaround, consider avoiding the use of loading Excel records functionality until a patch is available.