7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.78 High
EPSS
Percentile
98.3%
Added: 05/24/2007
CVE: CVE-2007-0215
BID: 23760
OSVDB: 34393
Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms.
A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a specially crafted spreadsheet with a long Named Graph record.
Apply the patch referenced in Microsoft Security Bulletin 07-023.
<http://www.zerodayinitiative.com/advisories/ZDI-07-026.html>
Exploit works on Microsoft Excel 2000 SP3 and 2002 SP3 and requires a user to open the exploit file.
Windows 2000
Windows XP