To help clearly identify the issues, exploit code and remedy related to the recently announce Excel vulnerabilities, I offer this humble correlation. This information comes from Microsoft, Mitre, and vigilant readers sending in tips. My thanks go to all.
CVE-2006-3059 aka "Excel Repair Mode" http://www.microsoft.com/technet/security/advisory/921365.mspx
Exploited by: Mdropper.G, Booli.A, Flux.E, Booli.B
CVE-2006-3086 aka "Long Hyperlink" http://blogs.technet.com/msrc/archive/2006/06/20/437826.aspx
Exploited by: Urxcel.A, and three known public exploit code examples
CVE-2006-3014 aka "Shockwave vulnerability"
Exploited by proof of concept code Flemex.A
The workaround is a killbit
Jun 25th 2006
1 decade ago