Microsoft: >> Excel >> 2001 Security Vulnerabilities
Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arbitrary code via a crafted STYLE record in a spreadsheet that triggers the overflow when the user attempts to repair the document or selects the "Style" option, as demonstrated by nanika.xls. NOTE: Microsoft has confirmed to CVE via e-mail that this is different than the other Excel vulnerabilities announced before 20060707, including CVE-2006-3059 and CVE-2006-3086.
CVSS Score
7.5
EPSS Score
0.73
Published
2006-07-07
Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet.
CVSS Score
5.1
EPSS Score
0.528
Published
2006-06-22
Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.
CVSS Score
7.5
EPSS Score
0.514
Published
2004-11-03
Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh.
CVSS Score
7.5
EPSS Score
0.226
Published
2002-04-22
Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) Microsoft PowerPoint 2002 and earlier allows attackers to bypass macro restrictions and execute arbitrary commands by modifying the data stream in the document.
CVSS Score
7.5
EPSS Score
0.163
Published
2001-10-30
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.
CVSS Score
4.6
EPSS Score
0.003
Published
1999-10-01
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
CVSS Score
2.6
EPSS Score
0.066
Published
1999-05-07