Multiple vulnerabilities in Microsoft Office



Published: 2006-07-11 | Updated: 2016-12-07
Risk Critical
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2006-2389
CVE-2006-1318
CVE-2006-1540
CVE-2006-1316
CWE-ID CWE-119
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerability #3 is being exploited in the wild.
Vulnerable software
Subscribe
Microsoft Office
Client/Desktop applications / Office applications

Microsoft Office for Mac
Client/Desktop applications / Office applications

Microsoft Project
Client/Desktop applications / Office applications

Microsoft Visio
Client/Desktop applications / Office applications

Vendor Microsoft

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

This security bulletin describes 4 remote code execution vulnerabilities in Microsoft Office.

1) Buffer overflow

EUVDB-ID: #VU1229

Risk: High

CVSSv3.1:

CVE-ID: CVE-2006-2389

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: Yes

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when parsing malformed properties in Office documents. A remote attacker can create a specially crafted Office file, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install update from vendor's website:

Vulnerable software versions

Microsoft Office: 2000 - XP

Microsoft Office for Mac: 2004 - v.X

Microsoft Project: 2000 - 2002

Microsoft Visio: 2002


CPE2.3 External links

http://technet.microsoft.com/en-us/library/security/ms06-038.aspx

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

2) Buffer overflow

EUVDB-ID: #VU1228

Risk: High

CVSSv3.1:

CVE-ID: CVE-2006-1318

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when parsing record lengths in Office documents. A remote attacker can create a specially crafted Office file, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install update from vendor's website:

Vulnerable software versions

Microsoft Office: 2000 - XP

Microsoft Office for Mac: 2004 - v.X

Microsoft Project: 2000 - 2002

Microsoft Visio: 2002


CPE2.3 External links

http://technet.microsoft.com/en-us/library/security/ms06-038.aspx

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

3) Buffer overflow

EUVDB-ID: #VU1227

Risk: Critical

CVSSv3.1:

CVE-ID: CVE-2006-1540

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: Yes

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malformed strings in Office documents. A remote attacker can create a specially crafted Office file, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

Mitigation

Install update from vendor's website:

Vulnerable software versions

Microsoft Office: 2000 - XP

Microsoft Office for Mac: 2004 - v.X

Microsoft Project: 2000 - 2002

Microsoft Visio: 2002


CPE2.3 External links

http://technet.microsoft.com/en-us/library/security/ms06-038.aspx

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?

4) Buffer overflow

EUVDB-ID: #VU1226

Risk: High

CVSSv3.1:

CVE-ID: CVE-2006-1316

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when parsing record lengths in Office documents. A remote attacker can create a specially crafted Office file, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install update from vendor's website:

Vulnerable software versions

Microsoft Office: 2000 - XP

Microsoft Office for Mac: 2004 - v.X

Microsoft Project: 2000 - 2002

Microsoft Visio: 2002


CPE2.3 External links

http://technet.microsoft.com/en-us/library/security/ms06-038.aspx

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###