CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-1318

Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.181

EPSS Ranking 94.8%

CVSS Severity

CVSS v2 Score 9.3

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-038
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-038

Products affected by CVE-2006-1318

Microsoft » Office » Version: 2000

cpe:2.3:a:microsoft:office:2000
Microsoft » Office » Version: 2004

cpe:2.3:a:microsoft:office:2004
Microsoft » Office » Version: x

cpe:2.3:a:microsoft:office:x
Microsoft » Office » Version: xp

cpe:2.3:a:microsoft:office:xp

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-1318

Products

Pricing

Contact Us