Vulnerabilities > Microsoft > Excel
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-06-29 | CVE-2007-3490 | Remote Denial Of Service vulnerability in Microsoft Excel 2003 Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to the sheet name, as demonstrated by 2670.xls. | 7.5 |
2007-05-08 | CVE-2007-1214 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Excel and Excel Viewer Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption. | 6.8 |
2007-05-08 | CVE-2007-1203 | Remote Code Execution vulnerability in Microsoft Excel Set Font Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory corruption. | 9.3 |
2007-05-08 | CVE-2007-0215 | Remote Code Execution vulnerability in Microsoft Excel, Excel Viewer and Office Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption. | 7.6 |
2007-03-03 | CVE-2007-1239 | Denial Of Service vulnerability in Microsoft Excel 2003 Microsoft Excel 2003 does not properly parse .XLS files, which allows remote attackers to cause a denial of service (application crash) via a file with a (1) corrupted XML format or a (2) corrupted XLS format, which triggers a NULL pointer dereference. network microsoft | 4.3 |
2007-02-03 | CVE-2007-0671 | Remote Code Execution vulnerability in Microsoft Office Malformed String Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. | 9.3 |
2007-01-09 | CVE-2007-0031 | Remote Code Execution vulnerability in Microsoft Excel Malformed Palette Record Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries. | 9.3 |
2007-01-09 | CVE-2007-0030 | Remote Code Execution vulnerability in Microsoft Excel Malformed Column Record Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory. | 9.3 |
2007-01-09 | CVE-2007-0029 | Remote Code Execution vulnerability in Microsoft Excel Malformed String Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." | 9.3 |
2007-01-09 | CVE-2007-0028 | Improper Input Validation vulnerability in Microsoft products Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used. | 9.3 |