Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability."
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2006-07-13 21:05
Updated : 2024-02-28 10:42
NVD link : CVE-2006-1306
Mitre link : CVE-2006-1306
CVE.ORG link : CVE-2006-1306
JSON object : View
Products Affected
microsoft
- excel
- excel_viewer
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')