Vulnerability

Excel Featheader Record Memory Corruption Vulnerability

Publish date: July 21, 2015

CVE-2009-3129

SEVERITY

CRITICAL

//  ADVISORY DATE

21 JUL 2015


DESCRIPTION

Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory Corruption Vulnerability."

TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

SOLUTION

Trend Micro Deep Security DPI Rule Number: 1003817

Trend Micro Deep Security DPI Rule Name: 1003817 - Excel Featheader Record Memory Corruption Vulnerability

AFFECTED SOFTWARE AND VERSION

  • Microsoft Open XML File Format Converter
  • Microsoft Office 2008
  • Microsoft Office 2004
  • Microsoft Excel Viewer 2003
  • Microsoft Excel Viewer
  • Microsoft Excel 2007
  • Microsoft Excel 2003
  • Microsoft Excel 2002
  • Microsoft Compatibility Pack Word Excel Powerpoint 2007

Featured Stories

Connect with us on