Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0031

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-0031
Last Modified 07 Mar 2011 12:00:00
Published 14 Mar 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-0031

Summary

Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption.

Vulnerable Systems

Application

  • Microsoft Office 2000

  • Microsoft Office 2003

  • Microsoft Office 2004

  • Microsoft Office V.x

  • Microsoft Office Xp


References

CERT - TA06-073A

CERT-VN - VU#104302

BID - 17101

MS - MS06-012

SECTRACK - 1015766

SECUNIA - 19138

XF - excel-record-bo(25228)

VUPEN - ADV-2006-0950

BUGTRAQ - 20060315 [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability

OSVDB - 23902

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm

SREASON - 589

SECUNIA - 19238

FULLDISC - 20060314 [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability

Related Patches

MS06-012 905413 915057 Microsoft Office 2004 for Mac Update 11.2.3 (Rev 7)


Last Updated: 27 May 2016 10:41:30