Vulnerabilities > CVE-2007-1239 - Denial Of Service vulnerability in Microsoft Excel 2003

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

microsoft

NVD

Published: 2007-03-03

Updated: 2018-10-16

Summary

Microsoft Excel 2003 does not properly parse .XLS files, which allows remote attackers to cause a denial of service (application crash) via a file with a (1) corrupted XML format or a (2) corrupted XLS format, which triggers a NULL pointer dereference.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Excel 2003	3

References

http://securityvulns.com/news/Microsoft/Excel/XML/DoS.html
http://www.securityfocus.com/archive/1/461373/100/0/threaded
http://www.securityfocus.com/bid/22717