CVE-2006-1318
Microsoft Office - Remote Code Execution via Malformed Control in Document
Title source: llmDescription
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-038
Scores
EPSS
0.1546
EPSS Percentile
96.4%
Details
CWE
CWE-94
Status
published
Products (4)
microsoft/office
2000 sp1 (2 CPE variants)
microsoft/office
2004
microsoft/office
x
microsoft/office
xp sp3
Published
Sep 19, 2014
Tracked Since
Feb 18, 2026