6.8
CVE-2007-1214
- EPSS 28.48%
- Veröffentlicht 08.05.2007 22:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:09
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 28.48% | 0.979 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://www.securityfocus.com/archive/1/468871/100/200/threaded
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
http://secunia.com/advisories/25150
http://www.securitytracker.com/id?1018012
http://www.vupen.com/english/advisories/2007/1708
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-023
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=527
http://www.kb.cert.org/vuls/id/253825
http://www.osvdb.org/34395
http://www.securityfocus.com/bid/23780
https://exchange.xforce.ibmcloud.com/vulnerabilities/33915
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2064