The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution".
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-031
http://www.securityfocus.com/bid/4821
http://www.iss.net/security_center/static/9399.php