CVE-2006-1309

Published Jul 13, 2006

Last updated 6 years ago

Overview

Description: Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption.
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2000:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F55D42D5-7371-47C2-BF55-B7F51C19B61E"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2000:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4FBEB90-1BF2-4E84-9A74-EAD226AAA0A2"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "439B26BA-376C-4D6B-B7BA-B66B8BDA8E37"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2000:sr1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27C6E1BC-406E-4B0B-B513-33226AC4482D"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "082D3262-87E3-4245-AD9C-02BE0871FA3B"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2002:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C619E79B-90FB-4812-B0F3-115B47498492"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2002:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC893353-909C-49A8-8C3A-AD325C1D365D"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F79E0AB-7081-4F97-BFE4-9AF84F643B9A"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2003:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AED7433-3C95-4868-B05D-244149E0E33E"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2004:*:mac_os_x:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B29EBC56-422C-45DF-B241-FA3EF1F7A8EE"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:x:*:mac_os_x:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA71E158-6D0A-4BEF-8471-FE5C864E7073"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References