Lucene search
SAINT CorporationSAINT:3C9DD9608EAC804FAC75F95E40C032F4HistoryMay 24, 2007 - 12:00 a.m.
Microsoft Excel Named Graph record buffer overflow
2007-05-2400:00:00
SAINT Corporation
download.saintcorporation.com
20
0.78 High
EPSS
Percentile
98.3%
Added: 05/24/2007
CVE: CVE-2007-0215
BID: 23760
OSVDB: 34393
Background
Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms.
Problem
A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a specially crafted spreadsheet with a long Named Graph record.
Resolution
Apply the patch referenced in Microsoft Security Bulletin 07-023.
References
<http://www.zerodayinitiative.com/advisories/ZDI-07-026.html>
Limitations
Exploit works on Microsoft Excel 2000 SP3 and 2002 SP3 and requires a user to open the exploit file.
Platforms
Windows 2000
Windows XP
Related
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
ZDI-07-026: Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability
2007-05-08 00:00:00
Microsoft Security Bulletin MS07-023 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934233)
2007-05-08 00:00:00
Microsoft Excel multiple security vulneraiblities
2007-05-10 00:00:00
saint
saint
Microsoft Excel Named Graph record buffer overflow
2007-05-24 00:00:00
Microsoft Excel Named Graph record buffer overflow
2007-05-24 00:00:00
Microsoft Excel Named Graph record buffer overflow
2007-05-24 00:00:00
prion
prion
Stack overflow
2007-05-08 22:19:00
cve
cve
CVE-2007-0215
2007-05-09 18:00:00
zdi
zdi
cvelist
cvelist
CVE-2007-0215
2007-05-09 18:00:00
nvd
nvd
CVE-2007-0215
2007-05-08 22:19:00
