CVE-2009-3129

Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset. Vendor/Product: Microsoft Excel. Added to CISA KEV 2022-03-03; required action: Apply updates per vendor instructions.