admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2009/CVE-2009-31xx/CVE-2009-3127.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

169 lines
6.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2009-3127",
"sourceIdentifier": "secure@microsoft.com",
"published": "2009-11-11T19:30:00.420",
"lastModified": "2024-11-21T01:06:36.843",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka \"Excel Cache Memory Corruption Vulnerability.\""
},
{
"lang": "es",
"value": "Microsoft Office Excel v2002 SP3 y v2003 SP3, Office v2004 y 2008 para Mac, Open XML File Format Converter para Mac, y Office Excel Viewer v2003 SP3 no analiza adecuadamente el formato de archivo Excel, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una hoja de c\u00e1lculo manipulada, como \"vulnerabilidad de corrupci\u00f3n de memoria cach\u00e9 de Excel\""
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"baseScore": 9.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:compatibility_pack_word_excel_powerpoint:2007:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7EB896B5-611E-4457-B438-C6CC937D63FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:compatibility_pack_word_excel_powerpoint:2007:sp2:*:*:*:*:*:*",
"matchCriteriaId": "3F9109ED-34C9-45E0-9E8B-FC05054E0F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*",
"matchCriteriaId": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CEBB33CD-CACF-4EB8-8B5F-8E1CB8D7A440"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel:2007:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F703901F-AD7C-42E7-BBFA-529A8C510D83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel:2007:sp2:*:*:*:*:*:*",
"matchCriteriaId": "273729C3-56BF-454A-8697-473094EA828F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel_viewer:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "8E8D1DDD-8996-43A3-9FC7-60539E09CFC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel_viewer:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D65CAA23-16D8-4AE7-8BC4-F73B1C5F9C3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*",
"matchCriteriaId": "AE2F0B8B-0600-4324-93A9-07DBE97E1BB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*",
"matchCriteriaId": "9409A9BD-1E9B-49B8-884F-8FE569D8AA25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*",
"matchCriteriaId": "5BA91840-371C-4282-9F7F-B393F785D260"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*",
"matchCriteriaId": "3807A4E4-EB58-47B6-AD98-6ED464DEBA4E"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securitytracker.com/id?1023157",
"source": "secure@microsoft.com"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA09-314A.html",
"source": "secure@microsoft.com",
"tags": [
"US Government Resource"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-067",
"source": "secure@microsoft.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6146",
"source": "secure@microsoft.com"
},
{
"url": "http://www.securitytracker.com/id?1023157",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA09-314A.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-067",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6146",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink