VYPR
← All advisories
Unrated severityNVD Advisory· Published Jan 9, 2007· Updated Apr 23, 2026

CVE-2007-0028

CVE-2007-0028

Description

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used.

Affected products

11
  • Microsoft/Excel3 versions
    cpe:2.3:a:microsoft:excel:2000:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:excel:2000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*
  • Microsoft/Excel Viewer
    cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*
  • Microsoft/Office5 versions
    cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
    • cpe:2.3:a:microsoft:office:v.x:*:mac:*:*:*:*:*
    • cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
  • Microsoft/Works2 versions
    cpe:2.3:a:microsoft:works:2004:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:works:2004:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:works:2005:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

12

News mentions

0

No linked articles in our index yet.