Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-5672 — Microsoft Excel vulnerability

4 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

16.0%

top 5.21%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Excel Microsoft Office

Timeline

PublishedOct 25

Latest updateMay 17

Description

Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a crafted spreadsheet file, as demonstrated by a .xls file with battery voltage data.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDmicrosoft/excel2007

▶NVDmicrosoft/office2007

🔴Vulnerability Details

GHSA

GHSA-c7rj-fx5f-q8qw: Microsoft Excel Viewer (aka Xlview↗2022-05-17

▶

CVEList

CVE-2012-5672: Microsoft Excel Viewer (aka Xlview↗2012-10-25

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Excel - Denial of Service↗2012-10-11

▶