CVE-2009-0238
HIGH KEVMicrosoft Excel 2000 SP3-2007 SP1 - Remote Code Execution via Crafted Excel Document
Title source: llmExploitation Summary
CVE-2009-0238 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added April 14, 2026.
Description
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.
References (12)
Core 12
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-0238
Vendor Advisory x_refsource_confirm
http://www.microsoft.com/technet/security/advisory/968272.mspx
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1023
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48875
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA09-104A.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/33870
Third Party Advisory x_refsource_misc
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-022310-4202-99
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5968
Various Sources x_refsource_misc
http://isc.sans.org/diary.html?storyid=5923
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1021744
Various Sources x_refsource_misc
http://blogs.zdnet.com/security/?p=2658
Scores
CVSS v3
8.8
EPSS
0.7475
EPSS Percentile
98.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2026-04-14
VulnCheck KEV
2009-02-25
InTheWild.io
2018-10-12
ENISA EUVD
EUVD-2009-0246
CWE
CWE-94
Status
published
Products (15)
microsoft/excel
2004
microsoft/excel
2000 sp3
microsoft/excel
2002 sp3
microsoft/excel
2003 sp3
microsoft/excel
2007 sp1
microsoft/excel_viewer
microsoft/office
2008 (2 CPE variants)
microsoft/office
2004
microsoft/office_compatibility_pack
2007 sp1
microsoft/office_excel
2000 sp3
... and 5 more
Published
Feb 25, 2009
KEV Added
Apr 14, 2026
Tracked Since
Feb 18, 2026