Oval Definition:oval:org.mitre.oval:def:5922
Revision Date:2014-06-30Version:17
Title:Record Pointer Corruption Vulnerability
Description:Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir (0x806) record object, aka "Record Pointer Corruption Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-1134
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Excel 2007
Microsoft Office Compatibility Pack
Microsoft Office Excel Viewer
Definition Synopsis
  • AND
  • Microsoft Excel 2007 is installed
  • AND Excel.exe version is less than 12.0.6504.5001
  • OR
  • Microsoft Excel Viewer 2007 is installed
  • AND XLView.exe version is less than 12.0.6504.5000
  • OR
  • Microsoft Office Compatibility Pack is installed
  • AND Excelcnv.exe version is less than 12.0.6504.5001
    • BACK