CVE-2007-1203

2007-05-0822:19:00

[email protected]

web.nvd.nist.gov

cve-2007-1203

microsoft excel

sp3

sp2

2003 viewer

2004 for mac

2007

user-assisted

remote attackers

arbitrary code

memory corruption

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.825 High

EPSS

Percentile

98.4%

JSON

Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory corruption.

Affected configurations

NVD

Node

microsoftexcelMatch2000sp3

microsoftexcelMatch2002sp3

microsoftexcelMatch2003sp2

microsoftexcelMatch2004mac

microsoftexcelMatch2007

microsoftexcel_viewerMatch2003

CPENameOperatorVersion
microsoft:excelmicrosoft exceleq2000
microsoft:excelmicrosoft exceleq2002
microsoft:excelmicrosoft exceleq2003
microsoft:excelmicrosoft exceleq2004
microsoft:excelmicrosoft exceleq2007
microsoft:excel_viewermicrosoft excel viewereq2003

CPE	Name	Operator	Version
microsoft:excel	microsoft excel	eq	2000
microsoft:excel	microsoft excel	eq	2002
microsoft:excel	microsoft excel	eq	2003
microsoft:excel	microsoft excel	eq	2004
microsoft:excel	microsoft excel	eq	2007
microsoft:excel_viewer	microsoft excel viewer	eq	2003