VYPR
High severity8.8CISA KEVNVD Advisory· Published Feb 25, 2009· Updated Jun 16, 2026

CVE-2009-0238

CVE-2009-0238

Description

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

13
  • Microsoft/Excel4 versions
    cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:excel:2003:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:excel:2007:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:office_excel_viewer:*:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:office_excel_viewer:2003:sp3:*:*:*:*:*:*
    • (no CPE)range: 2003 Gold and SP3, Excel Viewer
  • Microsoft/Office2 versions
    cpe:2.3:a:microsoft:office:2004:*:*:*:*:macos:*:*+ 1 more
    • cpe:2.3:a:microsoft:office:2004:*:*:*:*:macos:*:*
    • cpe:2.3:a:microsoft:office:2008:*:*:*:*:macos:*:*
  • cpe:2.3:a:microsoft:office_compatibility_pack:2007:sp1:*:*:*:*:*:*
  • Range: 2000 SP3, 2002 SP3, 2003 SP3, 2007 SP1, Excel Viewer 2003 Gold and SP3, Excel Viewer, Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1, Office 2004 for Mac, Office 2008 for Mac

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.