← CVECheck
HomeVulnerabilities

CVE-1999-1055 — HIGH severity vulnerability (Microsoft Excel 97 does not warn the user before executing w)

Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the Excel "CALL Vulnerability."

CVE IDCVE-1999-1055
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published1999-12-31
Last modified2026-04-16
DescriptionMicrosoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the Excel "CALL Vulnerability."
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →