CVE-2006-0031Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Office

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer2 documents2 sources
Severity
5.1MEDIUMNVD
EPSS
45.4%
top 2.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Office
Timeline
PublishedMar 14
Latest updateMay 1

Description

Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/office5 versions+4

Patches

Patch: secunia.comPatch: securitytracker.comPatch: www.securityfocus.com

🔴Vulnerability Details

1
GHSA
GHSA-vx4r-92mj-vwh4: Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers t2022-05-01
CVE-2006-0031 — Microsoft Office vulnerability | cvebase