What is CVE-2009-0238?

CVE-2009-0238 is a vulnerability in N/a. Published 2009-02-25.

Is CVE-2009-0238 known to be exploited?

Yes. CVE-2009-0238 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2026-04-14), indicating it is being actively exploited.

Vulnerability in N/a

CVE-2009-0238

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac…

EPSS: 0.729 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

CISA KEV (Known Exploited Vulnerabilities)

This CVE is on the CISA KEV catalog, added on 2026-04-14. CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.

BOD 22-01 due date: 2026-04-28.

Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

References

www.microsoft.com/technet/security/advisory/968272.mspx (x_refsource_CONFIRM)
ADV-2009-1023 (vdb-entry, x_refsource_VUPEN)
ms-excel-unspecified-code-execution(48875) (vdb-entry, x_refsource_XF)
TA09-104A (x_refsource_CERT, third-party-advisory)
33870 (vdb-entry, x_refsource_BID)
www.symantec.com/business/security_response/writeup.jsp (x_refsource_MISC)
MS09-009 (x_refsource_MS, vendor-advisory)
oval:org.mitre.oval:def:5968 (x_refsource_OVAL, signature, vdb-entry)
isc.sans.org/diary.html (x_refsource_MISC)
1021744 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2009-0238?: CVE-2009-0238 is a vulnerability in N/a. Published 2009-02-25.
Is CVE-2009-0238 known to be exploited?: Yes. CVE-2009-0238 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2026-04-14), indicating it is being actively exploited.