CVE-2006-3653

Microsoft Works Spreadsheet 8.0 - Denial of Service via Crafted Spreadsheet Files

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-3653. PoCs published by Benjamin Franz.

AI-analyzed exploit summary The provided text describes multiple vulnerabilities in Microsoft Works 8.0, including buffer overflow and DoS issues when handling crafted spreadsheet documents. It references a binary exploit but does not contain executable code.

Description

wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Benjamin Franz · textdoswindows
https://www.exploit-db.com/exploits/28222

The provided text describes multiple vulnerabilities in Microsoft Works 8.0, including buffer overflow and DoS issues when handling crafted spreadsheet documents. It references a binary exploit but does not contain executable code.

Classification
Writeup 90%
Attack Type
Rce | Dos
Complexity
Moderate
Reliability
Theoretical
Target: Microsoft Works 8.0
No auth needed
Prerequisites: Crafted spreadsheet document · User interaction to open the file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/18989
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/440056/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016504
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2813

Scores

EPSS 0.1488
EPSS Percentile 96.3%

Details

Status published
Products (1)
microsoft/works 8.0
Published Jul 18, 2006
Tracked Since Feb 18, 2026