Executive Summary
Informations | |||
---|---|---|---|
Name | MS07-002 | First vendor Publication | 2007-01-09 |
Vendor | Microsoft | Last vendor Modification | 2007-01-09 |
Severity (Vendor) | Critical | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
This update resolves several newly discovered, privately and publicly reported vulnerabilities. Each vulnerability is documented in its own subsection in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We recommend that customers apply the update immediately. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/ms07-002.mspx?pubDate=2 (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:1102 | |||
Oval ID: | oval:org.mitre.oval:def:1102 | ||
Title: | Excel Malformed String Vulnerability | ||
Description: | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0029 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Excel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:119 | |||
Oval ID: | oval:org.mitre.oval:def:119 | ||
Title: | Excel Malformed IMDATA Record Vulnerability | ||
Description: | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0027 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Excel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:323 | |||
Oval ID: | oval:org.mitre.oval:def:323 | ||
Title: | Excel Malformed Column Record Vulnerability | ||
Description: | Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0030 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Excel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:753 | |||
Oval ID: | oval:org.mitre.oval:def:753 | ||
Title: | Excel Malformed Palette Record Vulnerability | ||
Description: | Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0031 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Excel |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:768 | |||
Oval ID: | oval:org.mitre.oval:def:768 | ||
Title: | Excel Malformed Record Vulnerability | ||
Description: | Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-0028 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Excel |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 | |
Application | 1 | |
Application | 5 | |
Application | 2 |
SAINT Exploits
Description | Link |
---|---|
Microsoft Excel PALETTE record buffer overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2007-01-25 | Microsoft Excel - Malformed Palette Record DoS PoC (MS07-002) |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
31258 | Microsoft Excel Palette Record Handling Overflow A local overflow exists in Excel. Excel fails to validate the PALETTE record in BIFF8 format spreadsheet files resulting in a buffer overflow. With a specially crafted file containing too many PALETTE records, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
31257 | Microsoft Excel Column Record Heap Corruption Remote Code Execution A local memory corruption flaw exists in Excel. The program fails to validate Excel files resulting in memory corruption when a malformed column record is encountered. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
31256 | Microsoft Excel Malformed String Handling Remote Code Execution A memory corruption flaw exists in Excel. The program fails to validate file contents resulting in memory corruption when a malformed string is encountered. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
31255 | Microsoft Excel IMDATA Record Handling Remote Code Execution A local memory corruption flaw exists in Excel. The program fails to validate the contents of a file resulting in memory corruption when a malformed IMDATA record is encountered. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
31249 | Microsoft Excel Malformed Record Memory Access Code Execution A memory corruption flaw exists in Excel. The program fails to validate the contents of XLS files resulting in memory corruption. With a specially crafted file containing an unspecified malformed record, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2007-01-12 | IAVM : 2007-A-0003 - Multiple Vulnerabilities in Microsoft Excel Severity : Category II - VMSKEY : V0013574 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-11-16 | Microsoft Office Excel MalformedPalette Record Memory Corruption attempt RuleID : 32095 - Revision : 2 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Excel MalformedPalete Record Memory Corruption attempt RuleID : 32094 - Revision : 2 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel MalformedPalette Record Memory Corruption attempt RuleID : 21933 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel Column record handling memory corruption attempt RuleID : 17543 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel MalformedPalete Record Memory Corruption attempt RuleID : 17542 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel IMDATA buffer overflow attempt RuleID : 17362 - Revision : 12 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-01-09 | Name : Arbitrary code can be executed on the remote host through Microsoft Excel. File : smb_nt_ms07-002.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:45:34 |
|
2013-11-11 12:41:04 |
|
2013-05-11 00:49:14 |
|