Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Excel  Security Vulnerabilities
CVE-2001-0718
Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) Microsoft PowerPoint 2002 and earlier allows attackers to bypass macro restrictions and execute arbitrary commands by modifying the data stream in the document.
CVSS Score
7.5
EPSS Score
0.127
Published
2001-10-30
CVE-2000-0765
Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability.
CVSS Score
5.1
EPSS Score
0.107
Published
2000-10-20
CVE-2000-0637
Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability.
CVSS Score
4.6
EPSS Score
0.027
Published
2000-07-26
CVE-2000-0597
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.
CVSS Score
7.5
EPSS Score
0.096
Published
2000-06-27
CVE-2000-0419
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
CVSS Score
7.5
EPSS Score
0.109
Published
2000-05-11
CVE-2000-0277
Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros in external text files, which could allow an attacker to execute a macro virus, aka the "XLM Text Macro" vulnerability.
CVSS Score
7.2
EPSS Score
0.017
Published
2000-04-03
CVE-1999-1055
Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the Excel "CALL Vulnerability."
CVSS Score
7.5
EPSS Score
0.077
Published
1999-12-31
CVE-1999-0794
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.
CVSS Score
4.6
EPSS Score
0.003
Published
1999-10-01
CVE-1999-0717
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
CVSS Score
2.6
EPSS Score
0.102
Published
1999-05-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved