Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-2387

Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS file, a different vulnerability than CVE-2006-3867 and CVE-2006-3875.

Published

2006-10-10T22:07:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.1 (MEDIUM)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: HIGH
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

4.9

Impact Score

6.4

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application microsoft office 2000 Yes
Application microsoft office 2000 Yes
Application microsoft office 2000 Yes
Application microsoft office 2000 Yes
Application microsoft office 2000 Yes
Application microsoft office 2000 Yes
Application microsoft office 2000 Yes
Application microsoft office 2001 Yes
Application microsoft office 2001 Yes
Application microsoft office 2001 Yes
Application microsoft office 2001 Yes
Application microsoft office 2003 Yes
Application microsoft office 2003 Yes
Application microsoft office 2003 Yes
Application microsoft office 2003 Yes
Application microsoft office 2004 Yes
Application microsoft office v.x Yes
References