Back
CVE-1999-1055
Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the Excel "CALL Vulnerability."
Published: Dec 31, 1999
Modified: Apr 16, 2026
CVSS Metrics
Affected Products (1)
| Vendor | Product | Version |
|---|---|---|
| microsoft | excel | 97 |
GitHub Security Advisory GHSA-cx75-p9pm-2q97
Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow...
References (6)
- http://www.securityfocus.com/bid/179
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-018
- https://exchange.xforce.ibmcloud.com/vulnerabilities/1737
- http://www.securityfocus.com/bid/179
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-018
- https://exchange.xforce.ibmcloud.com/vulnerabilities/1737
Risk Scores
CVSS Score
7.5 / 10
EPSS Score
7.73%
Top 8% most likely to be exploited
Threat Score
32.3 / 100
Data Sources
NVD
EPSS
GitHub