CVE-2009-0238

HIGH

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.

CVSS v3.1 Score

8.8
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Published: 2/25/2009Modified: 4/22/2026

Related Intelligence (2)

MEDIUMVulnerability

CISA Adds Two Known Exploited Vulnerabilities to Catalog

<p>CISA has added two new vulnerabilities to its <a href="/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation.</p> <ul> <li><a href="https://www.cve.org/

CVE-2009-0238CVE-2026-32201
CISA Advisories
HIGHVulnerability

CISA KEV: Microsoft Office — Microsoft Office Remote Code Execution

Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object.

CVE-2009-0238Microsoft Office
CISA KEV

References (23)

http://blogs.zdnet.com/security/?p=2658Broken Linkhttp://isc.sans.org/diary.html?storyid=5923Press/Media Coveragehttp://securitytracker.com/id?1021744Broken Linkhttp://www.microsoft.com/technet/security/advisory/968272.mspxVendor Advisoryhttp://www.securityfocus.com/bid/33870Broken Linkhttp://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99Broken Linkhttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlUS Government Resourcehttp://www.vupen.com/english/advisories/2009/1023Broken Linkhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009Vendor Advisoryhttps://exchange.xforce.ibmcloud.com/vulnerabilities/48875Third Party Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968Broken Linkhttp://blogs.zdnet.com/security/?p=2658Broken Linkhttp://isc.sans.org/diary.html?storyid=5923Press/Media Coveragehttp://securitytracker.com/id?1021744Broken Linkhttp://www.microsoft.com/technet/security/advisory/968272.mspxVendor Advisoryhttp://www.securityfocus.com/bid/33870Broken Linkhttp://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99Broken Linkhttp://www.us-cert.gov/cas/techalerts/TA09-104A.htmlUS Government Resourcehttp://www.vupen.com/english/advisories/2009/1023Broken Linkhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009Vendor Advisoryhttps://exchange.xforce.ibmcloud.com/vulnerabilities/48875Third Party Advisoryhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968Broken Linkhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-0238US Government Resource