Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2003-0821 | First vendor Publication | 2003-12-15 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0821 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:636 | |||
Oval ID: | oval:org.mitre.oval:def:636 | ||
Title: | MS Excel 2000 Malicious Macro Security Bypass Vulnerability | ||
Description: | Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0821 | Version: | 5 |
Platform(s): | Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Excel 2000 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:675 | |||
Oval ID: | oval:org.mitre.oval:def:675 | ||
Title: | MS Excel 97 Malicious Macro Security Bypass Vulnerability | ||
Description: | Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0821 | Version: | 2 |
Platform(s): | Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Excel 97 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:695 | |||
Oval ID: | oval:org.mitre.oval:def:695 | ||
Title: | MS Excel 2002 Malicious Macro Security Bypass Vulnerability | ||
Description: | Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0821 | Version: | 5 |
Platform(s): | Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows ME Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Excel 2002 |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
2801 | Microsoft Word and Excel Execution of Arbitrary Code Several versions of Microsft Word, Excel, and Works Suite contain a flaw that may allow a malicious user to bypass Macro security. The issue is triggered when a user is tricked in to opening a document by a malicious website because Internet Explorer automatically launches the helper application, which is installed by Microsoft Office. It is possible that the flaw may allow Excel to run Macros at the same security level as the current user, and in Word there is a buffer overflow condition that will allow arbitrary code execution resulting in a loss of confidentiality, integrity, and/or availability. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2003-11-11 | Name : Arbitrary code can be executed on the remote host through Office. File : smb_nt_ms03-050.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:02:06 |
|
2021-04-22 01:02:16 |
|
2020-05-23 00:15:30 |
|
2018-10-13 00:22:27 |
|
2017-11-16 21:21:11 |
|
2017-10-11 09:23:18 |
|
2017-07-11 12:01:18 |
|
2016-04-26 12:37:38 |
|
2014-02-17 10:26:36 |
|
2013-05-11 11:53:04 |
|