Microsoft Excel Viewer vulnerabilities

CVE-2006-1309 [CRITICAL] CWE-94 CVE-2006-1309: Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xl Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption.

CVE-2006-1306 [CRITICAL] CWE-94 CVE-2006-1306: Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xl Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability."

CVE-2006-1301 [CRITICAL] CWE-94 CVE-2006-1301: Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xl Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302.

CVE-2006-2388 [CRITICAL] CWE-94 CVE-2006-2388: Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code vi Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process.

CVE-2006-3059 [CRITICAL] CVE-2006-3059: Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086.