CVE-2009-0557
Microsoft Office Object Record Corruption Vulnerability
CVSS
—
No CVSS
EPSS
58.6%
p99
KEV
YES
Jun 8, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
58.6%EPSS · 30 days58.6%
2026-06-302026-07-16
Product
Microsoft / Office
Vulnerability
Microsoft Office Object Record Corruption Vulnerability
Added to KEV
Jun 8, 2022
Remediate by
Jun 22, 2022
Known ransomware use
No
Summary description
Microsoft Office contains an object record corruption vulnerability that allows remote attackers to execute code via a crafted Excel file with a malformed record object.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2009-0557
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2017-11882—100.0%
KEV—80Microsoft Office Memory Corruption Vulnerability—CVE-2023-23397—99.9%
KEV—80Microsoft Office Outlook Privilege Escalation Vulnerability—CVE-2018-0798—99.9%
KEV—80Microsoft Office Memory Corruption Vulnerability—CVE-2015-1641—99.9%
KEV—80Microsoft Office Memory Corruption Vulnerability—CVE-2018-0802—99.8%
KEV—80Microsoft Office Memory Corruption Vulnerability—CVE-2010-3333—99.8%
KEV—80Microsoft Office Stack-based Buffer Overflow Vulnerability—