CVE-2006-2387

Severity

51%

Complexity

49%

Confidentiality

106%

Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS file, a different vulnerability than CVE-2006-3867 and CVE-2006-3875.

Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS file, a different vulnerability than CVE-2006-3867 and CVE-2006-3875.

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

Type

Microsoft

First reported 18 years ago

2006-10-10 22:07:00

Last updated 6 years ago

2018-10-30 16:25:00

Affected Software

Microsoft Office 2000

2000

Microsoft Office 2000 sp1

2000

Microsoft Office 2000 sp2

2000

Microsoft Office 2000 sp3

2000

Microsoft Office 2001

2001

Microsoft office_macos 2001 sr1

2001

Microsoft Office 2003

2003

Microsoft Office 2003 sp1

2003

Microsoft Office 2003 sp2

2003

Microsoft Office 2003 Service Pack 3

2003

Microsoft Office 2004 Mac

2004

References

1017031

Third Party Advisory, VDB Entry

VU#706668

Third Party Advisory, US Government Resource

20061010 ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability

SSRT061264

20344

Third Party Advisory, VDB Entry

ADV-2006-3978

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-06-033.html

Third Party Advisory, VDB Entry

MS06-059

oval:org.mitre.oval:def:570

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.