PT-2007-1527 · Microsoft · Office Excel

Published

2007-01-09

Updated

2018-10-16

CVE-2007-0031

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac

Description A heap-based buffer overflow issue exists, allowing user-assisted remote attackers to execute arbitrary code. This occurs when a BIFF8 spreadsheet with a PALETTE record containing a large number of entries is processed. The vulnerability is related to the parsing of files and the processing of a malformed Palette record.

Recommendations For Microsoft Excel 2000 SP3, update to a version that includes the fix for this issue. For Microsoft Excel 2002 SP3, update to a version that includes the fix for this issue. For Microsoft Excel 2003 SP2, update to a version that includes the fix for this issue. For Microsoft Excel 2004 for Mac, update to a version that includes the fix for this issue. For Microsoft Excel v.X for Mac, update to a version that includes the fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0031

Affected Products

Office Excel

PT-2007-1527 · Microsoft · Office Excel

CVE-2007-0031

Related Identifiers

Affected Products

References · 17