8.1 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.731 High
EPSS
Percentile
98.0%
Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an “allocation error,” aka “Microsoft Office Cell Parsing Memory Corruption Vulnerability.”
CPE | Name | Operator | Version |
---|---|---|---|
excel_viewer | eq | 2003 |
secunia.com/advisories/29321
www.securityfocus.com/archive/1/489415/100/0/threaded
www.securitytracker.com/id?1019578
www.us-cert.gov/cas/techalerts/TA08-071A.html
www.vupen.com/english/advisories/2008/0848/references
www.zerodayinitiative.com/advisories/ZDI-08-008
docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-016
marc.info/?l=bugtraq&m=120585858807305&w=2
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5421