Excel Formula Parsing Vulnerability in Microsoft Excel Products
CVE-2008-0115

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office Compatibility Pack For Word Excel Ppt 2007; Office; Excel Viewer; Excel
Vendor: CVE Published:; 11 March 2008

Summary

An unspecified security flaw exists in Microsoft Excel spanning versions 2000 SP3 to 2007, as well as in the Viewer 2003, Compatibility Pack, and Office for Mac 2004. This vulnerability enables user-assisted remote attackers to exploit malformed formulas in Excel documents to execute arbitrary code. Proper mitigations, such as implementing updates and security patches, are essential for protecting systems against potential exploits.

References

http://www.securityfocus.com/bid/28167

vdb-entryx_refsource_BID

http://www.us-cert.gov/cas/techalerts/TA08-071A.html

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

71% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 11, 2008
Vulnerability Reserved
Jan 7, 2008