Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Excel  >> 2016  Security Vulnerabilities
CVE-2015-2558
Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a long fileVersion element in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.43
Published
2015-10-14
CVE-2015-2523
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.719
Published
2015-09-09
CVE-2015-2520
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.667
Published
2015-09-09
CVE-2006-3431
Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arbitrary code via a crafted STYLE record in a spreadsheet that triggers the overflow when the user attempts to repair the document or selects the "Style" option, as demonstrated by nanika.xls. NOTE: Microsoft has confirmed to CVE via e-mail that this is different than the other Excel vulnerabilities announced before 20060707, including CVE-2006-3059 and CVE-2006-3086.
CVSS Score
7.5
EPSS Score
0.73
Published
2006-07-07
CVE-2006-3014
Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet.
CVSS Score
5.1
EPSS Score
0.583
Published
2006-06-22
CVE-1999-0794
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.
CVSS Score
4.6
EPSS Score
0.003
Published
1999-10-01
CVE-1999-0717
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
CVSS Score
2.6
EPSS Score
0.102
Published
1999-05-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved