CVE-2008-0112
Microsoft Excel - Code Injection
Title source: ruleDescription
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."
Exploits (1)
References (7)
Scores
EPSS
0.7192
EPSS Percentile
98.8%
Details
CWE
CWE-94
Status
published
Products (3)
microsoft/excel
2000 sp3
microsoft/office
2004
microsoft/office
2008
Published
Mar 11, 2008
Tracked Since
Feb 18, 2026