[VIM] nanika Excel buffer overflow is new

Steven M. Christey coley at mitre.org
Fri Jul 7 15:06:34 EDT 2006

FYI, I contacted Microsoft and they confirmed that the nanika Excel
overflow is new.  The CVE is below.

- Steve

Name: CVE-2006-3431
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3431
Reference: BUGTRAQ:20060703 Excel 2000/XP/2003 Style 0day POC
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/438963/100/0/threaded
Reference: BUGTRAQ:20060707 Major updates to Excel 0-day Vulnerability FAQ at SecuriTeam Blogs
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/439427/100/0/threaded
Reference: BID:18872
Reference: URL:http://www.securityfocus.com/bid/18872
Reference: FRSIRT:ADV-2006-2689
Reference: URL:http://www.frsirt.com/english/advisories/2006/2689
Reference: SECUNIA:20268
Reference: URL:http://secunia.com/advisories/20268

Buffer overflow in certain Asian language versions of Microsoft Excel
might allow user-complicit attackers to execute arbitrary code via a
crafted spreadsheet that triggers the overflow when the user attempts
to repair the document or selects the "Style" option, as demonstrated
by nanika.xls.  NOTE: Microsoft has confirmed to CVE via e-mail that
this is different than the other Excel vulnerabilities announced
before 20060707, including CVE-2006-3059 and CVE-2006-3086.

More information about the VIM mailing list