Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-0031
HistoryJan 09, 2007 - 11:28 p.m.

CVE-2007-0031

2007-01-0923:28:00
[email protected]
web.nvd.nist.gov
34
cve-2007-0031
microsoft excel
buffer overflow
remote code execution
nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.901 High

EPSS

Percentile

98.8%

JSON

Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries.

Affected configurations

NVD
Node
microsoftexcelMatch2000
OR
microsoftofficeMatch2000sp3
Node
microsoftexcelMatch2002
OR
microsoftofficeMatchxpsp3
Node
microsoftexcelMatch2003
OR
microsoftofficeMatch2003sp2
Node
microsoftexcel_viewerMatch2003
OR
microsoftworksMatch2004
OR
microsoftworksMatch2005
Node
microsoftofficeMatch2004mac
OR
microsoftofficeMatchv.xmac

Related

cert 1
prion 1
nvd 1
saint 4
cvelist 1
securityvulns 3
checkpoint_advisories 1
nessus 1
cert
cert
Microsoft Excel fails to properly parse malformed Palette records
2007-01-09 00:00:00
prion
prion
Heap overflow
2007-01-09 23:28:00
nvd
nvd
CVE-2007-0031
2007-01-09 23:28:00
saint
saint
Microsoft Excel PALETTE record buffer overflow
2007-01-11 00:00:00
Microsoft Excel PALETTE record buffer overflow
2007-01-11 00:00:00
Microsoft Excel PALETTE record buffer overflow
2007-01-11 00:00:00
cvelist
cvelist
CVE-2007-0031
2007-01-09 23:00:00
securityvulns
securityvulns
[Full-disclosure] iDefense Security Advisory 01.09.07: Microsoft Excel Long Palette Heap Overflow Vulnerability
2007-01-09 00:00:00
Microsoft Security Bulletin MS07-002 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)
2007-01-09 00:00:00
Multiple Microsoft Excel buffer oveflows
2007-02-01 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Excel Malformed Palette Record Memory Corruption (MS07-002; CVE-2007-0031)
2010-10-24 00:00:00
nessus
nessus
MS07-002: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198)
2007-01-09 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.901 High

EPSS

Percentile

98.8%

JSON
Related for CVE-2007-0031
cert1prion1nvd1saint4cvelist1securityvulns3checkpoint_advisories1nessus1