1. Home
  2. CVE Database
  3. CVE-2006-1311
HIGH · 9.3

CVE-2006-1311

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 a...

Vulnerability Description

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
MicrosoftLearning Essentials1.0
MicrosoftOfficeAll versions
MicrosoftWindows 2000All versions
MicrosoftWindows 2003 Serversp1
MicrosoftWindows XpAll versions

References

FAQ

What is CVE-2006-1311?

CVE-2006-1311 is a vulnerability with a CVSS score of 9.3 (HIGH). The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 a...

How severe is CVE-2006-1311?

CVE-2006-1311 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-1311?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Learning Essentials, Microsoft Office, Microsoft Windows 2000, Microsoft Windows 2003 Server, Microsoft Windows Xp.