CVE-2006-2388
Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process.
| Software | From | Fixed in |
|---|---|---|
| microsoft / excel | x | x.x |
| microsoft / excel | 2002-sp1 | 2002-sp1.x |
| microsoft / excel | 2003-sp1 | 2003-sp1.x |
| microsoft / excel | 2000 | 2000.x |
| microsoft / excel_viewer | 2003 | 2003.x |
| microsoft / excel | 2000-sp3 | 2000-sp3.x |
| microsoft / excel | 2002 | 2002.x |
| microsoft / excel | 2002-sp3 | 2002-sp3.x |
| microsoft / excel | 2004 | 2004.x |
| microsoft / excel | 2003 | 2003.x |
| microsoft / excel | 2000-sr1 | 2000-sr1.x |
| microsoft / excel | 2002-sp2 | 2002-sp2.x |
| microsoft / excel | 2000-sp2 | 2000-sp2.x |
- http://securitytracker.com/id?1016472
- http://www.securityfocus.com/archive/1/439786/100/0/threaded
- http://www.securityfocus.com/bid/18938
- http://www.vupen.com/english/advisories/2006/2755
- http://www.zerodayinitiative.com/advisories/ZDI-06-022.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-037
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27604
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A234
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime