CVE-2006-2389

Microsoft Office - Remote Code Execution via Malformed Property Record Length

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2389. PoCs published by anonymous.

AI-analyzed exploit summary This exploit targets CVE-2006-2389, a code execution vulnerability in Microsoft Office 2003. It uses a compressed file and shellcode to achieve remote code execution by corrupting process memory.

Description

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office Property Vulnerability," a different vulnerability than CVE-2006-1316.

Exploits (1)

exploitdb WORKING POC VERIFIED
by anonymous · pythonremotewindows
https://www.exploit-db.com/exploits/28198

This exploit targets CVE-2006-2389, a code execution vulnerability in Microsoft Office 2003. It uses a compressed file and shellcode to achieve remote code execution by corrupting process memory.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Office 2003
No auth needed
Prerequisites: Vulnerable version of Microsoft Office 2003 · User interaction to open malicious file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21012
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2756
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/18911
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/409316
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27609
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/27149
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016469
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA06-192A.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A279

Scores

EPSS 0.3884
EPSS Percentile 98.4%

Details

CWE
CWE-94
Status published
Products (3)
microsoft/office 2000 sp3
microsoft/office 2003 sp1 (2 CPE variants)
microsoft/office xp sp3
Published Jul 11, 2006
Tracked Since Feb 18, 2026