Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-3490Use of Uninitialized Resource in Microsoft Excel

CWE-908Use of Uninitialized Resource9 documents6 sources
Severity
9.8CRITICALNVD
NVD7.5CNA7.5VulnCheck7.5
EPSS
44.6%
top 2.42%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Microsoft ExcelMicrosoft Excel ViewerMicrosoft Office
Timeline
PublishedJun 29
Latest updateMay 1

Description

Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to the sheet name, as demonstrated by 2670.xls.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

NVDmicrosoft/excel2000, 2002, 2003+2

🔴Vulnerability Details

5
GHSA
GHSA-gv8q-4r76-rh77: Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to t2022-05-01
GHSA
GHSA-h6j8-g36h-j99v: Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to2022-05-01
CVEList
CVE-2008-0081: Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to2008-01-16
VulnCheck
Microsoft Excel Use of Uninitialized Resource2008
CVEList
CVE-2007-3490: Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to t2007-06-29

💥Exploits & PoCs

1
Exploit-DB
Microsoft Excel 2000/2003 - Sheet Name (PoC)2007-06-27

💬Community

1
Bugzilla
CVE-2007-6595 clamav insecure /tmp file use2008-01-02
CVE-2007-3490 — Use of Uninitialized Resource | cvebase