Excel Featheader Record Memory Corruption Vulnerability
Gravité: : Critique
Identifiant(s) CVE: : CVE-2009-3129
Date du conseil: 21 juillet 2015
Description
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory Corruption Vulnerability."
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1003817
Trend Micro Deep Security DPI Rule Name: 1003817 - Excel Featheader Record Memory Corruption Vulnerability
Affected software and version:
- Microsoft Open XML File Format Converter
- Microsoft Office 2008
- Microsoft Office 2004
- Microsoft Excel Viewer 2003
- Microsoft Excel Viewer
- Microsoft Excel 2007
- Microsoft Excel 2003
- Microsoft Excel 2002
- Microsoft Compatibility Pack Word Excel Powerpoint 2007