virus logo Intrusion Prevention

MS.Excel.Malformed.File.Format.Parsing.Code.Execution

description-logoDescription

Microsoft Excel has a code execution vulnerability. A remote attacker can execute arbitrary code on the system with the privileges of the victim via an Excel file with malformed BOOLERR recodes.

affected-products-logoAffected Products

Microsoft Corporation: Microsoft Office 2000 SP3
Microsoft Corporation: Microsoft Office 2003 SP1
Microsoft Corporation: Microsoft Office 2003 SP2
Microsoft Corporation: Microsoft Office 2004 for MacIntosh
Microsoft Corporation: Microsoft Office v. X for MacIntosh
Microsoft Corporation: Microsoft Office XP SP3
Microsoft Corporation: Microsoft Works Suite 2000
Microsoft Corporation: Microsoft Works Suite 2001
Microsoft Corporation: Microsoft Works Suite 2002
Microsoft Corporation: Microsoft Works Suite 2003
Microsoft Corporation: Microsoft Works Suite 2004
Microsoft Corporation: Microsoft Works Suite 2005
Microsoft Corporation: Microsoft Works Suite 2006

Impact logoImpact

System compromise: remote code execution.

recomended-action-logoRecommended Actions

Apply the appropriate patch for your system from the following web site:
http://www.microsoft.com/technet/security/Bulletin/MS06-012.mspx#E4EAE

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 13357
Created Oct 18, 2006
Updated Apr 24, 2014
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2006-0028
Exploit Prediction Score 96.55%
Default Action drop
Active
Affected OS Windows
Affected App MS_Office