Unrated severityNVD Advisory· Published Jul 11, 2006· Updated Jun 16, 2026
CVE-2006-2389
CVE-2006-2389
Description
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office Property Vulnerability," a different vulnerability than CVE-2006-1316.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
- (no CPE)range: 2000 SP3, XP SP3, 2003 SP1/SP2
Patches
Vulnerability mechanics
References
10- secunia.com/advisories/21012nvdVendor Advisory
- www.vupen.com/english/advisories/2006/2756nvdVendor Advisory
- www.kb.cert.org/vuls/id/409316nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA06-192A.htmlnvdUS Government Resource
- securitytracker.com/idnvd
- www.osvdb.org/27149nvd
- www.securityfocus.com/bid/18911nvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-038nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27609nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A279nvd
News mentions
0No linked articles in our index yet.