CVE-2018-0907

Description

Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2016 Click-to-Run and Microsoft Office 2016 for Mac allow a security feature bypass vulnerability due to how macro settings are enforced, aka Microsoft Office Excel Security Feature Bypass.

Risk Information

Base Score

7.8

MODERATE

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

18.388

Associated Vulnerability

Vulnerability	OS Platform
Microsoft Office Excel Security Feature Bypass for Microsoft Office Excel 2007 (KB4011714)	Windows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2010 (KB4011675) 32-Bit Edition	Windows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2010 (KB4011675) 64-Bit Edition	Windows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2013 (KB4018291) 32-Bit Edition	Windows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2013 (KB4018291) 64-Bit Edition	Windows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2016 (KB4011727) 32-Bit Edition	Windows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2016 (KB4011727) 64-Bit Edition	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-24135	Security Update for Microsoft Office Excel 2007 (KB4011714)
PATCH-24137	Security Update for Microsoft Excel 2010 (KB4011675) 32-Bit Edition
PATCH-24138	Security Update for Microsoft Excel 2010 (KB4011675) 64-Bit Edition
PATCH-24147	Security Update for Microsoft Excel 2013 (KB4018291) 32-Bit Edition
PATCH-24148	Security Update for Microsoft Excel 2013 (KB4018291) 64-Bit Edition
PATCH-24158	Security Update for Microsoft Excel 2016 (KB4011727) 32-Bit Edition
PATCH-24159	Security Update for Microsoft Excel 2016 (KB4011727) 64-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234