CVE-2002-0617 — Microsoft Excel vulnerability

3 documents3 sources

Severity

5.1MEDIUMNVD

EPSS

4.1%

top 11.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Excel Microsoft Office

Timeline

PublishedAug 12

Latest updateApr 30

Description

The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass."

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/excel2000, 2002+1

▶NVDmicrosoft/office2000, xp+1

🔴Vulnerability Details

GHSA

GHSA-vm8h-9mwv-399v: The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing sha↗2022-04-30

▶

CVEList

CVE-2002-0617: The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing sha↗2003-04-02

▶