header-logo
Suggest Exploit
vendor:
Microsoft Office Excel
by:
zha0
9.3
CVSS
HIGH
Microsoft Office Excel Code Execution Exploit
119
CWE
Product Name: Microsoft Office Excel
Affected Version From: Microsoft Office Excel 2000
Affected Version To: Microsoft Office Excel 2008
Patch Exists: YES
Related CWE: CVE-2008-1054
CPE: a:microsoft:excel
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2008

Microsoft Office Excel Code Execution Exploit (MS08-014)

This exploit allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record in the 'SST' stream, which triggers a buffer overflow. This vulnerability affects Microsoft Office Excel 2000, 2002, 2003, 2004, and 2008.

Mitigation:

Microsoft has released a set of patches for this vulnerability.
Source

Exploit-DB raw data:

Microsoft Office Excel Code Execution Exploit (MS08-014)

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/5287.rar (2008-zha0_ms08_014.rar)

# milw0rm.com [2008-03-21]

Navigation

Suggest Exploit

Services By CQR