{"vuid":"VU#821772","idnumber":"821772","name":"Microsoft Excel fails to properly handle Lotus 1-2-3 files","keywords":["Microsoft","Excel","remote code execution","Lotus 1-2-3 file","ms06-oct"],"overview":"Microsoft Excel contains a vulnerability in the handling of malformed Lotus 1-2-3 files, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.","clean_desc":"Microsoft Excel contains an unspecified vulnerability that could be exploited when Excel opens a specially crafted Lotus 1-2-3 document. This vulnerability affects both Windows and Mac versions of Excel.","impact":"By convincing a user to open a specially crafted Lotus 1-2-3 document, an attacker could execute arbitrary code with the privileges of the user running Excel. If the user is logged in with administrative privileges, the attacker could take complete control of a vulnerable system. This vulnerability may also cause Excel to crash.","resolution":"Apply an update\nThis vulnerability is addressed in Microsoft Security Bulletin MS06-059.","workarounds":"Do not open untrusted Lotus 1-2-3 documents Do not open unfamiliar or unexpected Lotus 1-2-3 or other Office documents, particularly those hosted on web sites or delivered as email attachments. Please see Cyber Security Tip ST04-010.","sysaffected":"","thanks":"This vulnerability was publicly disclosed by Benjamin Tobias Franz.","author":"This document was written by Will Dormann.","public":["http://www.microsoft.com/technet/security/bulletin/ms06-059.mspx","http://www.securityfocus.com/bid/20345"],"cveids":["CVE-2006-3867"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-10-10T18:45:58Z","publicdate":"2006-10-10T00:00:00Z","datefirstpublished":"2006-10-10T20:40:29Z","dateupdated":"2007-02-27T19:36:43Z","revision":4,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"15","cam_easeofexploitation":"18","cam_attackeraccessrequired":"17","cam_scorecurrent":"38.728125","cam_scorecurrentwidelyknown":"38.728125","cam_scorecurrentwidelyknownexploited":"64.546875","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":38.728125,"vulnote":null}