Home / malware CVE-2006-3059
First posted on 13 September 2006.
Source: SecurityHomeAliases :
CVE-2006-3059 is also known as Trojan-Dropper.MSExcel.CVE-2006-3059.a, Trojan-Dropper.MSExcel.Tored.e.
Explanation :
Microsoft Excel has a vulnerability that allows exection of arbitary code from a specially crafted Excel workbook.
Microsoft Excel contains a vulnerability that allows for the execution of arbitrary code in the context of the local user. The exploit occurs when Excel attempts to open and then recover what it thinks is a damaged workbook using the repair mode.
Microsoft has released an advisory about this issue, and it is available at:
http://www.microsoft.com/technet/security/advisory/921365.mspx.
A patch for this vulnerability was released on July 11, 2006. For more details, please see:
http://www.microsoft.com/technet/security/bulletin/ms06-037.mspx.Last update 13 September 2006