Vulnerability Name: | CVE-2007-3490 (CCN-35132) | ||||||||
Assigned: | 2007-06-27 | ||||||||
Published: | 2007-06-27 | ||||||||
Updated: | 2017-09-29 | ||||||||
Summary: | Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to the sheet name, as demonstrated by 2670.xls. | ||||||||
CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 6.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:U/RC:UR)
6.1 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:U/RC:UR)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2007-3490 Source: OSVDB Type: UNKNOWN 38954 Source: CCN Type: Ph4nt0m Security Team Blog, 6/27/2007 [Exploit]Microsoft Excel 2000/2003 Sheet Name Vulnerability PoC(0day) Source: MISC Type: UNKNOWN http://pstgroup.blogspot.com/2007/06/exploitmicrosoft-excel-20002003-sheet.html Source: CCN Type: SECTRACK ID: 1018321 Microsoft Excel Sheet Name Buffer Overflow Lets Remote Users Execute Arbitrary Code Source: CCN Type: Microsoft Corporation Web site Microsoft Corporation Source: MISC Type: Exploit http://www.milw0rm.com/sploits/06272007-2670.zip Source: CCN Type: OSVDB ID: 38954 Microsoft Excel Sheet Name Unspecified Code Execution Source: BID Type: UNKNOWN 24691 Source: CCN Type: BID-24691 Microsoft Excel Sheet Name Remote Denial Of Service Vulnerability Source: SECTRACK Type: UNKNOWN 1018321 Source: XF Type: UNKNOWN excel-sheet-name-bo(35132) Source: XF Type: UNKNOWN excel-sheet-name-bo(35132) Source: EXPLOIT-DB Type: UNKNOWN 4121 | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |