CVE-2006-1311

Published: Feb 13, 2007Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.

Affected (10)

Products: Microsoft: Learning Essentials, Office, Windows 2000, Windows 2003 Server, Windows Xp

5 products

Learning Essentials

Windows 2003 Server

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Microsoft Learning Essentials	Version 1.0
Microsoft Learning Essentials	Version 1.1
Microsoft Learning Essentials	Version 1.5
Microsoft Office	All versions
Microsoft Office	Version 2000 sp3
Microsoft Office	Version 2003 sp2
Microsoft Office	Version xp sp3

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows 2003 Server	Version sp1
Microsoft Windows Xp	All versions

References (22)

http://secunia.com/advisories/24152

Source: secure@microsoft.com

http://www.kb.cert.org/vuls/id/368132

Source: secure@microsoft.com

US Government Resource

http://www.osvdb.org/31886

Source: secure@microsoft.com

http://www.securityfocus.com/bid/21876

Source: secure@microsoft.com

http://www.securitytracker.com/id?1017640

Source: secure@microsoft.com

http://www.securitytracker.com/id?1017641

Source: secure@microsoft.com

http://www.us-cert.gov/cas/techalerts/TA07-044A.html

Source: secure@microsoft.com

US Government Resource

http://www.vupen.com/english/advisories/2007/0582

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-013

Source: secure@microsoft.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/30592

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1090

Source: secure@microsoft.com

http://secunia.com/advisories/24152

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/368132

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.osvdb.org/31886

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/21876

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1017640

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1017641

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA07-044A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2007/0582

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-013

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/30592

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1090

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.