Executive Summary

Informations
Name MS07-002 First vendor Publication 2007-01-09
Vendor Microsoft Last vendor Modification 2007-01-09
Severity (Vendor) Critical Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

This update resolves several newly discovered, privately and publicly reported vulnerabilities. Each vulnerability is documented in its own subsection in the "Vulnerability Details" section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We recommend that customers apply the update immediately.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/ms07-002.mspx?pubDate=2 (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:1102
 
Oval ID: oval:org.mitre.oval:def:1102
Title: Excel Malformed String Vulnerability
Description: Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2007-0029
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): Microsoft Excel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:119
 
Oval ID: oval:org.mitre.oval:def:119
Title: Excel Malformed IMDATA Record Vulnerability
Description: Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption.
Family: windows Class: vulnerability
Reference(s): CVE-2007-0027
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): Microsoft Excel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:323
 
Oval ID: oval:org.mitre.oval:def:323
Title: Excel Malformed Column Record Vulnerability
Description: Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory.
Family: windows Class: vulnerability
Reference(s): CVE-2007-0030
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): Microsoft Excel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:753
 
Oval ID: oval:org.mitre.oval:def:753
Title: Excel Malformed Palette Record Vulnerability
Description: Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries.
Family: windows Class: vulnerability
Reference(s): CVE-2007-0031
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): Microsoft Excel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:768
 
Oval ID: oval:org.mitre.oval:def:768
Title: Excel Malformed Record Vulnerability
Description: Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used.
Family: windows Class: vulnerability
Reference(s): CVE-2007-0028
 Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
 Product(s): Microsoft Excel
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3
Application 1
Application 5
Application 2

SAINT Exploits

Description Link
Microsoft Excel PALETTE record buffer overflow More info here

ExploitDB Exploits

id Description
2007-01-25 Microsoft Excel - Malformed Palette Record DoS PoC (MS07-002)

Open Source Vulnerability Database (OSVDB)

Id Description
31258 Microsoft Excel Palette Record Handling Overflow

A local overflow exists in Excel. Excel fails to validate the PALETTE record in BIFF8 format spreadsheet files resulting in a buffer overflow. With a specially crafted file containing too many PALETTE records, an attacker can cause arbitrary code execution resulting in a loss of integrity.
31257 Microsoft Excel Column Record Heap Corruption Remote Code Execution

A local memory corruption flaw exists in Excel. The program fails to validate Excel files resulting in memory corruption when a malformed column record is encountered. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.
31256 Microsoft Excel Malformed String Handling Remote Code Execution

A memory corruption flaw exists in Excel. The program fails to validate file contents resulting in memory corruption when a malformed string is encountered. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.
31255 Microsoft Excel IMDATA Record Handling Remote Code Execution

A local memory corruption flaw exists in Excel. The program fails to validate the contents of a file resulting in memory corruption when a malformed IMDATA record is encountered. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.
31249 Microsoft Excel Malformed Record Memory Access Code Execution

A memory corruption flaw exists in Excel. The program fails to validate the contents of XLS files resulting in memory corruption. With a specially crafted file containing an unspecified malformed record, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Information Assurance Vulnerability Management (IAVM)

Date Description
2007-01-12 IAVM : 2007-A-0003 - Multiple Vulnerabilities in Microsoft Excel
Severity : Category II - VMSKEY : V0013574

Snort® IPS/IDS

Date Description
2014-11-16 Microsoft Office Excel MalformedPalette Record Memory Corruption attempt
RuleID : 32095 - Revision : 2 - Type : FILE-OFFICE
2014-11-16 Microsoft Office Excel MalformedPalete Record Memory Corruption attempt
RuleID : 32094 - Revision : 2 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel MalformedPalette Record Memory Corruption attempt
RuleID : 21933 - Revision : 4 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel Column record handling memory corruption attempt
RuleID : 17543 - Revision : 15 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel MalformedPalete Record Memory Corruption attempt
RuleID : 17542 - Revision : 14 - Type : FILE-OFFICE
2014-01-10 Microsoft Office Excel IMDATA buffer overflow attempt
RuleID : 17362 - Revision : 12 - Type : FILE-OFFICE

Nessus® Vulnerability Scanner

Date Description
2007-01-09 Name : Arbitrary code can be executed on the remote host through Microsoft Excel.
File : smb_nt_ms07-002.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2014-02-17 11:45:34
  • Multiple Updates
2013-11-11 12:41:04
  • Multiple Updates
2013-05-11 00:49:14
  • Multiple Updates