Name:
MS.Excel.Malformed.OBJECT.Type.File.Code.Execution
Released Date:
Oct 17 2006
Severity:
high
CVE:
2006-1306
MS Bulletin:
MS06-037
Bugtraq:
18886

FortiGuard Center > Vulnerability Encyclopedia


In-Depth Analysis

Description
This indicates an attempt to exploit a remote code execution vulnerability in Microsoft Excel.

Microsoft Excel has a remote code execution vulnerability that can be exploited via an Excel file with a crafted BIFF record. A remote attacker can overflow a buffer and execute arbitrary code with the privileges of the Excel user.
 
Impact
System compromise: remote code execution.
 
Affected Products
Microsoft Excel Viewer 2003
Microsoft Excel v.X for Mac
Microsoft Excel 2004 for Mac
Microsoft Excel 2003
Microsoft Excel 2002
Microsoft Excel 2000
Aliases
Microsoft.Excel.Malformed.OBJECT.Type.File.Code.Execution
References
http://www.microsoft.com/technet/security/Bulletin/MS06-037.mspx
http://www.securityfocus.com/bid/18886
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2006-1306
Recommended Actions
Apply the appropriate patch for your system.
http://www.microsoft.com/technet/security/Bulletin/MS06-037.mspx

 
 
SITE MAP  |  LEGAL NOTICES

      © 2003 FORTINET INC. ALL RIGHTS RESERVED