What is the severity of CVE-2006-1308?

CVE-2006-1308 has not been assigned a CVSS score, but it allows for remote code execution, indicating a significant security risk.

How do I fix CVE-2006-1308?

To mitigate CVE-2006-1308, users should upgrade to a patched version of Microsoft Excel that eliminates the vulnerability.

Which versions of Microsoft Excel are affected by CVE-2006-1308?

CVE-2006-1308 affects Microsoft Excel versions 2000, 2002, 2003, and 2004, including their respective service packs.

What type of attack is associated with CVE-2006-1308?

CVE-2006-1308 involves user-assisted attacks, where a malicious .xls file could be executed to run arbitrary code.

Is there a workaround for CVE-2006-1308?

As a workaround for CVE-2006-1308, users should avoid opening unknown or suspicious .xls files until a patch is applied.

Vulnerability/
CVE-2006-1308

critical

9.3

CWE

13/7/2006

7/8/2024

CVE-2006-1308: Code Injection

First published: Thu Jul 13 2006(Updated: )

Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value.

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Excel for Mac	=2000
Microsoft Excel for Mac	=2000-sp2
Microsoft Excel for Mac	=2000-sp3
Microsoft Excel for Mac	=2000-sr1
Microsoft Excel for Mac	=2002
Microsoft Excel for Mac	=2002-sp1
Microsoft Excel for Mac	=2002-sp2
Microsoft Excel for Mac	=2002-sp3
Microsoft Excel for Mac	=2003
Microsoft Excel for Mac	=2003-sp1
Microsoft Excel for Mac	=2004
Microsoft Excel for Mac	=x
Microsoft Excel Viewer	=2003

Remedy

http://www.securityfocus.com/bid/18890

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-1308?
CVE-2006-1308 has not been assigned a CVSS score, but it allows for remote code execution, indicating a significant security risk.
How do I fix CVE-2006-1308?
To mitigate CVE-2006-1308, users should upgrade to a patched version of Microsoft Excel that eliminates the vulnerability.
Which versions of Microsoft Excel are affected by CVE-2006-1308?
CVE-2006-1308 affects Microsoft Excel versions 2000, 2002, 2003, and 2004, including their respective service packs.
What type of attack is associated with CVE-2006-1308?
CVE-2006-1308 involves user-assisted attacks, where a malicious .xls file could be executed to run arbitrary code.
Is there a workaround for CVE-2006-1308?
As a workaround for CVE-2006-1308, users should avoid opening unknown or suspicious .xls files until a patch is applied.

agent/type
agent/softwarecombine
agent/weakness
agent/author
agent/severity
agent/references
agent/remedy
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/microsoft
canonical/microsoft excel for mac
version/microsoft excel for mac/2000
version/microsoft excel for mac/2000-sp2
version/microsoft excel for mac/2000-sp3
version/microsoft excel for mac/2000-sr1
version/microsoft excel for mac/2002
version/microsoft excel for mac/2002-sp1
version/microsoft excel for mac/2002-sp2
version/microsoft excel for mac/2002-sp3
version/microsoft excel for mac/2003
version/microsoft excel for mac/2003-sp1
version/microsoft excel for mac/2004
version/microsoft excel for mac/x
canonical/microsoft excel viewer
version/microsoft excel viewer/2003

Frequently Asked Questions

What is the severity of CVE-2006-1308?
CVE-2006-1308 has not been assigned a CVSS score, but it allows for remote code execution, indicating a significant security risk.
How do I fix CVE-2006-1308?
To mitigate CVE-2006-1308, users should upgrade to a patched version of Microsoft Excel that eliminates the vulnerability.
Which versions of Microsoft Excel are affected by CVE-2006-1308?
CVE-2006-1308 affects Microsoft Excel versions 2000, 2002, 2003, and 2004, including their respective service packs.
What type of attack is associated with CVE-2006-1308?
CVE-2006-1308 involves user-assisted attacks, where a malicious .xls file could be executed to run arbitrary code.
Is there a workaround for CVE-2006-1308?
As a workaround for CVE-2006-1308, users should avoid opening unknown or suspicious .xls files until a patch is applied.

CVE-2006-1308: Code Injection

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-1308?

How do I fix CVE-2006-1308?

Which versions of Microsoft Excel are affected by CVE-2006-1308?

What type of attack is associated with CVE-2006-1308?

Is there a workaround for CVE-2006-1308?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2006-1308?

How do I fix CVE-2006-1308?

Which versions of Microsoft Excel are affected by CVE-2006-1308?

What type of attack is associated with CVE-2006-1308?

Is there a workaround for CVE-2006-1308?