Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2009-1136

Published: 15/07/2009 Updated: 12/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 940
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Office

Vulnerability Summary

The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 Gold and SP1, and Office Small Business Accounting 2006, when used in Internet Explorer, allows remote malicious users to execute arbitrary code via a crafted call to the msDataSourceObject method, as exploited in the wild in July and August 2009, aka "Office Web Components HTML Script Vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft office 2003

microsoft isa server 2004

microsoft office web components xp

microsoft isa server 2006

microsoft office web components 2003

microsoft office xp sp3

Exploits

Exploit DB: Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (MS09-043) (Metasploit)
## # $Id: ms09_043_owc_msdsorb 9893 2010-07-20 23:28:47Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' cl ...
Exploit DB: Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)
<!-- ensecuritylabru/poc/extra/382458php --> <html> <body> <script language="JavaScript"> var shellcode = unescape("evil code"); var array = new Array(); var ls = 0x81000-(shellcodelength*2); var bigblock = unescape("%u0b0c%u0b0C"); while(bigblocklength<ls/2) {bigblock+=bigblock;} var lh = bigblocksubstring(0 ...

References

CWE-94http://isc.sans.org/diary.html?storyid=6778http://trac.metasploit.com/browser/framework3/trunk/modules/exploits/windows/browser/owc_spreadsheet_msdso.rbhttp://blogs.technet.com/msrc/archive/2009/07/13/microsoft-security-advisory-973472-released.aspxhttp://xeye.us/blog/2009/07/one-0day/http://www.microsoft.com/technet/security/advisory/973472.mspxhttp://blogs.technet.com/srd/archive/2009/07/13/more-information-about-the-office-web-components-activex-vulnerability.aspxhttp://www.us-cert.gov/cas/techalerts/TA09-223A.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5809https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-043https://nvd.nist.govhttps://www.exploit-db.com/exploits/16537/https://www.kb.cert.org/vuls/id/545228
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook