CVE-2009-3129
Microsoft Excel Featheader Record Memory Corruption Vulnerability
CVSS
—
No CVSS
EPSS
85.7%
p100
KEV
YES
Mar 3, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
85.7%EPSS · 30 days85.7%
2026-06-302026-07-16
Product
Microsoft / Excel
Vulnerability
Microsoft Excel Featheader Record Memory Corruption Vulnerability
Added to KEV
Mar 3, 2022
Remediate by
Mar 24, 2022
Known ransomware use
No
Summary description
Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2009-3129