CVE-2002-0618 — Microsoft Excel vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

17.3%

top 4.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Excel Microsoft Office

Timeline

PublishedAug 12

Latest updateApr 30

Description

The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution".

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/excel2000, 2002+1

▶NVDmicrosoft/office2000, xp+1

🔴Vulnerability Details

GHSA

GHSA-7xwj-vwvc-4m7v: The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding↗2022-04-30

▶

CVEList

CVE-2002-0618: The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding↗2003-04-02

▶