CVE-2006-2387

Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability

Severity Score

5.1

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS file, a different vulnerability than CVE-2006-3867 and CVE-2006-3875.

Vulnerabilidad no especificada en Microsoft Excel 2000, 2002, 2003, 2004 para Mac, v.X para Mac, Excel Viewer 2003, y Microsoft Works Suite 2004 hasta la 2006 permite a atacantes con la complicidad del usuario ejecutar código de su elección mediante un registro DATETIME artesanal en un fichero XLS, una vulnerabilidad diferente que CVE-2006-3867 y CVE-2006-3875.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target user into opening a malicious .XLS file.
The specific flaw exists within the parsing of the BIFF file format used by Microsoft Excel. During the processing of malformed DATETIME records, user-supplied data may be insecurely referenced thereby leading to the eventual execution of arbitrary code.

*Credits: Manuel Santamarina Suarez

CVSS Scores

NISTv2 5.1

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2006-05-15 CVE Reserved
2006-10-10 CVE Published
2024-03-04 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
http://securitytracker.com/id?1017031	Third Party Advisory
http://www.kb.cert.org/vuls/id/706668	Third Party Advisory
http://www.securityfocus.com/archive/1/448147/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/20344	Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-06-033.html	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A570	Signature

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://www.securityfocus.com/archive/1/449179/100/0/threaded	2018-10-30
http://www.vupen.com/english/advisories/2006/3978	2018-10-30
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-059	2018-10-30

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2000 Search vendor "Microsoft" for product "Office" and version "2000"		-		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2000 Search vendor "Microsoft" for product "Office" and version "2000"		ja		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2000 Search vendor "Microsoft" for product "Office" and version "2000"		ko		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2000 Search vendor "Microsoft" for product "Office" and version "2000"		zh		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2000 Search vendor "Microsoft" for product "Office" and version "2000"		sp1		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2000 Search vendor "Microsoft" for product "Office" and version "2000"		sp2		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2000 Search vendor "Microsoft" for product "Office" and version "2000"		sp3		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2001 Search vendor "Microsoft" for product "Office" and version "2001"		-		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2001 Search vendor "Microsoft" for product "Office" and version "2001"		macintosh		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2001 Search vendor "Microsoft" for product "Office" and version "2001"		macos		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2001 Search vendor "Microsoft" for product "Office" and version "2001"		sr1, mac_os		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2003 Search vendor "Microsoft" for product "Office" and version "2003"		-		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2003 Search vendor "Microsoft" for product "Office" and version "2003"		sp1		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2003 Search vendor "Microsoft" for product "Office" and version "2003"		sp2		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2003 Search vendor "Microsoft" for product "Office" and version "2003"		sp3		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				2004 Search vendor "Microsoft" for product "Office" and version "2004"		mac		Affected
Microsoft Search vendor "Microsoft"		Office Search vendor "Microsoft" for product "Office"				v.x Search vendor "Microsoft" for product "Office" and version "v.x"		-		Affected