CyberSec.Space Logo
Back to CVE Browser

CVE-2019-1297

Known Exploited (CISA KEV)HIGH
8.8
CVSS Severity Score
EPSS Score77.1470%
EPSS Percentile93.08th
PublishedSep 11, 2019
Last ModifiedOct 29, 2025

Vulnerability Description

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

Affected Platforms (CPE)

πŸ“¦
Microsoft

Excel

= 2010
πŸ“¦
Microsoft

Excel

= 2013
πŸ“¦
Microsoft

Excel

= 2013
πŸ“¦
Microsoft

Excel

= 2016
πŸ“¦
Microsoft

Office

= 2016
πŸ“¦
Microsoft

Office

= 2019
πŸ“¦
Microsoft

Office

= 2019
πŸ“¦
Microsoft

Office 365 Proplus

All versions

References & Advisories

πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1297
πŸ”— https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1297
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1297

Related Vulnerabilities

CVE-2008-421110.0

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iP...

CVE-2015-098410.0

Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/...

CVE-2004-130110.0

Buffer overflow in the book_format_sql function in format.c for xlreader 0.9.0 allows remote attackers to execute arbitrary code v...

CVE-2019-112329.8

EXCELLENT INFOTEK BiYan v1.57 ~ v2.8 allows an attacker to leak user information (Password) without being authenticated, by sendin...