CVE-2006-2388

Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:excel:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2000:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2000:sr1:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2002:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2002:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2003:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2004:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:microsoft:excel:x:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-07-13 21:05

Updated : 2024-02-28 10:42


NVD link : CVE-2006-2388

Mitre link : CVE-2006-2388

CVE.ORG link : CVE-2006-2388


JSON object : View

Products Affected

microsoft

  • excel
  • excel_viewer
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')