CVE-2008-3003

CVE-2008-3003 · MEDIUM Severity

AV:L/AC:L/AU:N/C:C/I:C/A:N

Microsoft Office Excel 2007 Gold and SP1 does not properly delete the PWD (password) string from connections.xml when a .xlsx file is configured not to save the remote data session password, which allows local users to obtain sensitive information and obtain access to a remote data source, aka the "Excel Credential Caching Vulnerability."

Learn more about our Cis Benchmark Audit For Microsoft Office.