Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Excel  Security Vulnerabilities
CVE-2007-3490
Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to the sheet name, as demonstrated by 2670.xls.
CVSS Score
7.5
EPSS Score
0.394
Published
2007-06-29
CVE-2007-0215
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption.
CVSS Score
7.6
EPSS Score
0.602
Published
2007-05-08
CVE-2007-1203
Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory corruption.
CVSS Score
9.3
EPSS Score
0.608
Published
2007-05-08
CVE-2007-1214
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption.
CVSS Score
6.8
EPSS Score
0.569
Published
2007-05-08
CVE-2007-1239
Microsoft Excel 2003 does not properly parse .XLS files, which allows remote attackers to cause a denial of service (application crash) via a file with a (1) corrupted XML format or a (2) corrupted XLS format, which triggers a NULL pointer dereference.
CVSS Score
4.3
EPSS Score
0.133
Published
2007-03-03
CVE-2007-0671
Known exploited
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
CVSS Score
8.8
EPSS Score
0.662
Published
2007-02-03
CVE-2007-0028
Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used.
CVSS Score
9.3
EPSS Score
0.483
Published
2007-01-09
CVE-2007-0029
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability."
CVSS Score
9.3
EPSS Score
0.555
Published
2007-01-09
CVE-2007-0030
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory.
CVSS Score
9.3
EPSS Score
0.586
Published
2007-01-09
CVE-2007-0031
Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries.
CVSS Score
9.3
EPSS Score
0.755
Published
2007-01-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved