CVE-2007-3490 - Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown imp

CVE-2007-3490

Summary

Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to the sheet name, as demonstrated by 2670.xls.

References

http://osvdb.org/38954
http://pstgroup.blogspot.com/2007/06/exploitmicrosoft-excel-20002003-sheet.html
http://www.milw0rm.com/sploits/06272007-2670.zip
http://www.securityfocus.com/bid/24691
http://www.securitytracker.com/id?1018321
https://exchange.xforce.ibmcloud.com/vulnerabilities/35132
https://www.exploit-db.com/exploits/4121

Vulnerable Configurations

cpe:2.3:a:microsoft:excel:2003:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2003:sp2:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 29-09-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	24691
exploit-db	4121
misc	http://pstgroup.blogspot.com/2007/06/exploitmicrosoft-excel-20002003-sheet.html http://www.milw0rm.com/sploits/06272007-2670.zip
osvdb	38954
sectrack	1018321
xf	excel-sheet-name-bo(35132)

Last major update

29-09-2017 - 01:29

Published

29-06-2007 - 18:30

Last modified

29-09-2017 - 01:29