What is the severity of CVE-2009-3133?

CVE-2009-3133 has a moderate severity rating due to the potential for remote code execution.

How do I fix CVE-2009-3133?

To fix CVE-2009-3133, update your affected Microsoft Office or Excel versions to the latest security patches.

What software is affected by CVE-2009-3133?

CVE-2009-3133 affects Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and several versions of Excel Viewer and the Open XML File Format Converter for Mac.

Can CVE-2009-3133 be exploited remotely?

Yes, CVE-2009-3133 can be exploited remotely through a specially crafted Excel spreadsheet.

What type of vulnerability is CVE-2009-3133 classified as?

CVE-2009-3133 is classified as a memory corruption vulnerability that can lead to arbitrary code execution.

Vulnerability/
CVE-2009-3133

critical

9.3

CWE

11/11/2009

7/8/2024

CVE-2009-3133: Code Injection

First published: Wed Nov 11 2009(Updated: )

Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a spreadsheet containing a malformed object that triggers memory corruption, related to "loading Excel records," aka "Excel Document Parsing Memory Corruption Vulnerability."

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint	=2007-sp1
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint	=2007-sp2
Microsoft Office Excel	=2002-sp3
Microsoft Office Excel	=2003-sp3
Microsoft Office Excel	=2007-sp1
Microsoft Office Excel	=2007-sp2
Microsoft Office Excel Viewer	=sp1
Microsoft Office Excel Viewer	=sp2
Microsoft Office Excel Viewer	=2003-sp3
Microsoft Office	=2004
Microsoft Office	=2008
Microsoft Open XML File Format Converter

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-3133?
CVE-2009-3133 has a moderate severity rating due to the potential for remote code execution.
How do I fix CVE-2009-3133?
To fix CVE-2009-3133, update your affected Microsoft Office or Excel versions to the latest security patches.
What software is affected by CVE-2009-3133?
CVE-2009-3133 affects Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and several versions of Excel Viewer and the Open XML File Format Converter for Mac.
Can CVE-2009-3133 be exploited remotely?
Yes, CVE-2009-3133 can be exploited remotely through a specially crafted Excel spreadsheet.
What type of vulnerability is CVE-2009-3133 classified as?
CVE-2009-3133 is classified as a memory corruption vulnerability that can lead to arbitrary code execution.

agent/references
agent/type
agent/weakness
agent/author
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/microsoft
canonical/microsoft office compatibility pack for word, excel, and powerpoint
version/microsoft office compatibility pack for word, excel, and powerpoint/2007-sp1
version/microsoft office compatibility pack for word, excel, and powerpoint/2007-sp2
canonical/microsoft office excel
version/microsoft office excel/2002-sp3
version/microsoft office excel/2003-sp3
version/microsoft office excel/2007-sp1
version/microsoft office excel/2007-sp2
canonical/microsoft office excel viewer
version/microsoft office excel viewer/sp1
version/microsoft office excel viewer/sp2
version/microsoft office excel viewer/2003-sp3
canonical/microsoft office
version/microsoft office/2004
version/microsoft office/2008
canonical/microsoft open xml file format converter