Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2006-AVI-112
Vulnerability from certfr_avis
Plusieurs vulnérabilités dans Microsoft Office permettent à un utilisateur mal intentionné d'exécuter du code arbitraire à distance sur la plate-forme vulnérable.
Description
Plusieurs vulnérabilités ont été découvertes dans Microsoft Office :
- Une vulnérabilité de type exécution de code arbitraire à distance liée à l'utilisation d'une plage de données mal formée dans Microsoft Office Excel (CVE-2005-4131) ;
- Une vulnérabilité de type exécution de code arbitraire à distance lors de l'analyse du format d'un fichier mal formé dans Microsoft Office Excel (CVE-2006-0028) ;
- Une vulnérabilité de type exécution de code arbitraire à distance lors de l'utilisation d'une description mal formé dans Microsoft Office Excel (CVE-2006-0029) ;
- Une vulnérabilité de type exécution de code arbitraire à distance lors de l'utilisation d'un graphique mal formé dans Microsoft Office Excel (CVE-2006-0030) ;
- Une vulnérabilité de type exécution de code arbitraire à distance lors de l'utilisation d'un enregistrement mal formé dans Microsoft Office Excel (CVE-2006-0031) ;
- Une vulnérabilité de type exécution de code arbitraire à distance lors de l'utilisation d'un bordereau de routage mal formé dans Microsoft Office (CVE-2006-0009) ;
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Microsoft Office 2000 Service Pack 3 (Word 2000, Excel 2000, Outlook 2000, PowerPoint 2000) ;
- Microsoft Office XP Service Pack 3 (Word 2002, Excel 2002, Outlook 2002, PowerPoint 2002) ;
- Microsoft Office 2003 Service Pack 1 ou Service Pack 2 (Excel 2003, Excel 2003 Viewer) ;
- Microsoft Works Suite 2000, 2001, 2002, 2003, 2004, 2005, 2006 ;
- Microsoft Office X pour Mac (Excel X pour Mac) ;
- Microsoft Office 2004 pour Mac (Excel 2004 pour Mac) ;
Les systèmes suivants ne sont pas affectés :
- Microsoft Office Excel 2000 Viewer ;
- Microsoft Office Excel 2002 Viewer ;
- Microsoft Office Word 2003 ;
- Microsoft Office Outlook 2003 ;
- Microsoft Office PowerPoint 2003.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cUL\u003e \u003cLI\u003eMicrosoft Office 2000 Service Pack 3 (Word 2000, Excel 2000, Outlook 2000, PowerPoint 2000) ;\u003c/LI\u003e \u003cLI\u003eMicrosoft Office XP Service Pack 3 (Word 2002, Excel 2002, Outlook 2002, PowerPoint 2002) ;\u003c/LI\u003e \u003cLI\u003eMicrosoft Office 2003 Service Pack 1 ou Service Pack 2 (Excel 2003, Excel 2003 Viewer) ;\u003c/LI\u003e \u003cLI\u003eMicrosoft Works Suite 2000, 2001, 2002, 2003, 2004, 2005, 2006 ;\u003c/LI\u003e \u003cLI\u003eMicrosoft Office X pour Mac (Excel X pour Mac) ;\u003c/LI\u003e \u003cLI\u003eMicrosoft Office 2004 pour Mac (Excel 2004 pour Mac) ;\u003c/LI\u003e \u003c/UL\u003e \u003cP\u003eLes syst\u00e8mes suivants \u003cTT\u003ene sont pas affect\u00e9s\u003c/TT\u003e :\u003c/P\u003e \u003cUL\u003e \u003cLI\u003eMicrosoft Office Excel 2000 Viewer ;\u003c/LI\u003e \u003cLI\u003eMicrosoft Office Excel 2002 Viewer ;\u003c/LI\u003e \u003cLI\u003eMicrosoft Office Word 2003 ;\u003c/LI\u003e \u003cLI\u003eMicrosoft Office Outlook 2003 ;\u003c/LI\u003e \u003cLI\u003eMicrosoft Office PowerPoint 2003.\u003c/LI\u003e \u003c/UL\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Office :\n\n- Une vuln\u00e9rabilit\u00e9 de type ex\u00e9cution de code arbitraire \u00e0 distance\n li\u00e9e \u00e0 l\u0027utilisation d\u0027une plage de donn\u00e9es mal form\u00e9e dans\n Microsoft Office Excel (CVE-2005-4131) ;\n- Une vuln\u00e9rabilit\u00e9 de type ex\u00e9cution de code arbitraire \u00e0 distance\n lors de l\u0027analyse du format d\u0027un fichier mal form\u00e9 dans Microsoft\n Office Excel (CVE-2006-0028) ;\n- Une vuln\u00e9rabilit\u00e9 de type ex\u00e9cution de code arbitraire \u00e0 distance\n lors de l\u0027utilisation d\u0027une description mal form\u00e9 dans Microsoft\n Office Excel (CVE-2006-0029) ;\n- Une vuln\u00e9rabilit\u00e9 de type ex\u00e9cution de code arbitraire \u00e0 distance\n lors de l\u0027utilisation d\u0027un graphique mal form\u00e9 dans Microsoft Office\n Excel (CVE-2006-0030) ;\n- Une vuln\u00e9rabilit\u00e9 de type ex\u00e9cution de code arbitraire \u00e0 distance\n lors de l\u0027utilisation d\u0027un enregistrement mal form\u00e9 dans Microsoft\n Office Excel (CVE-2006-0031) ;\n- Une vuln\u00e9rabilit\u00e9 de type ex\u00e9cution de code arbitraire \u00e0 distance\n lors de l\u0027utilisation d\u0027un bordereau de routage mal form\u00e9 dans\n Microsoft Office (CVE-2006-0009) ;\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2005-4131",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-4131"
},
{
"name": "CVE-2006-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0009"
},
{
"name": "CVE-2006-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0029"
},
{
"name": "CVE-2006-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0030"
},
{
"name": "CVE-2006-0031",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0031"
},
{
"name": "CVE-2006-0028",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0028"
}
],
"initial_release_date": "2006-03-15T00:00:00",
"last_revision_date": "2006-03-15T00:00:00",
"links": [
{
"title": "Site Internet de Microsoft Office :",
"url": "http://www.microsoft.com/france/office/default.mspx"
}
],
"reference": "CERTA-2006-AVI-112",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-03-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans Microsoft Office permettent \u00e0 un\nutilisateur mal intentionn\u00e9 d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance sur\nla plate-forme vuln\u00e9rable.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Office",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-012 du 14 mars 2006",
"url": "http://www.microsoft.com/technet/security/Bulletin/MS06-012.mspx"
}
]
}
CVE-2006-0028 (GCVE-0-2006-0028)
Vulnerability from cvelistv5
Published
2006-03-14 23:00
Modified
2024-08-07 16:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.725Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1411",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1411"
},
{
"name": "oval:org.mitre.oval:def:1509",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1509"
},
{
"name": "oval:org.mitre.oval:def:1158",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1158"
},
{
"name": "583",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/583"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19238"
},
{
"name": "VU#339878",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/339878"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19138"
},
{
"name": "20060314 ZDI-06-004: Microsoft Excel File Format Parsing Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427632/100/0/threaded"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "23899",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23899"
},
{
"name": "oval:org.mitre.oval:def:1635",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1635"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
},
{
"name": "excel-parsing-format-file-bo(25225)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25225"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1411",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1411"
},
{
"name": "oval:org.mitre.oval:def:1509",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1509"
},
{
"name": "oval:org.mitre.oval:def:1158",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1158"
},
{
"name": "583",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/583"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19238"
},
{
"name": "VU#339878",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/339878"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19138"
},
{
"name": "20060314 ZDI-06-004: Microsoft Excel File Format Parsing Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/427632/100/0/threaded"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "23899",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23899"
},
{
"name": "oval:org.mitre.oval:def:1635",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1635"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
},
{
"name": "excel-parsing-format-file-bo(25225)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25225"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-0028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-0950",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1411",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1411"
},
{
"name": "oval:org.mitre.oval:def:1509",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1509"
},
{
"name": "oval:org.mitre.oval:def:1158",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1158"
},
{
"name": "583",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/583"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "19238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19238"
},
{
"name": "VU#339878",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/339878"
},
{
"name": "TA06-073A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19138"
},
{
"name": "20060314 ZDI-06-004: Microsoft Excel File Format Parsing Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427632/100/0/threaded"
},
{
"name": "1015766",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "23899",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23899"
},
{
"name": "oval:org.mitre.oval:def:1635",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1635"
},
{
"name": "MS06-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
},
{
"name": "excel-parsing-format-file-bo(25225)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25225"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-004.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-0028",
"datePublished": "2006-03-14T23:00:00",
"dateReserved": "2005-11-30T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0030 (GCVE-0-2006-0030)
Vulnerability from cvelistv5
Published
2006-03-14 23:00
Modified
2024-08-07 16:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1510",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1510"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "oval:org.mitre.oval:def:1630",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1630"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19238"
},
{
"name": "excel-graphic-bo(25229)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25229"
},
{
"name": "oval:org.mitre.oval:def:1401",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1401"
},
{
"name": "oval:org.mitre.oval:def:1666",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1666"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "16181",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16181"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19138"
},
{
"name": "23901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23901"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "VU#123222",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/123222"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1510",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1510"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "oval:org.mitre.oval:def:1630",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1630"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19238"
},
{
"name": "excel-graphic-bo(25229)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25229"
},
{
"name": "oval:org.mitre.oval:def:1401",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1401"
},
{
"name": "oval:org.mitre.oval:def:1666",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1666"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "16181",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16181"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19138"
},
{
"name": "23901",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23901"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "VU#123222",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/123222"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-0030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-0950",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1510",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1510"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "oval:org.mitre.oval:def:1630",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1630"
},
{
"name": "19238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19238"
},
{
"name": "excel-graphic-bo(25229)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25229"
},
{
"name": "oval:org.mitre.oval:def:1401",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1401"
},
{
"name": "oval:org.mitre.oval:def:1666",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1666"
},
{
"name": "TA06-073A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "16181",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16181"
},
{
"name": "19138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19138"
},
{
"name": "23901",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23901"
},
{
"name": "1015766",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "VU#123222",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/123222"
},
{
"name": "MS06-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-0030",
"datePublished": "2006-03-14T23:00:00",
"dateReserved": "2005-11-30T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0031 (GCVE-0-2006-0031)
Vulnerability from cvelistv5
Published
2006-03-14 23:00
Modified
2024-08-07 16:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "excel-record-bo(25228)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25228"
},
{
"name": "oval:org.mitre.oval:def:1327",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1327"
},
{
"name": "589",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/589"
},
{
"name": "23902",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23902"
},
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1525",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1525"
},
{
"name": "20060315 [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427699/100/0/threaded"
},
{
"name": "17101",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17101"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "VU#104302",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/104302"
},
{
"name": "oval:org.mitre.oval:def:763",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A763"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19238"
},
{
"name": "20060314 [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1521.html"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19138"
},
{
"name": "oval:org.mitre.oval:def:1750",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1750"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "excel-record-bo(25228)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25228"
},
{
"name": "oval:org.mitre.oval:def:1327",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1327"
},
{
"name": "589",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/589"
},
{
"name": "23902",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23902"
},
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1525",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1525"
},
{
"name": "20060315 [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/427699/100/0/threaded"
},
{
"name": "17101",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17101"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "VU#104302",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/104302"
},
{
"name": "oval:org.mitre.oval:def:763",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A763"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19238"
},
{
"name": "20060314 [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1521.html"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19138"
},
{
"name": "oval:org.mitre.oval:def:1750",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1750"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-0031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "excel-record-bo(25228)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25228"
},
{
"name": "oval:org.mitre.oval:def:1327",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1327"
},
{
"name": "589",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/589"
},
{
"name": "23902",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23902"
},
{
"name": "ADV-2006-0950",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1525",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1525"
},
{
"name": "20060315 [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427699/100/0/threaded"
},
{
"name": "17101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17101"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "VU#104302",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/104302"
},
{
"name": "oval:org.mitre.oval:def:763",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A763"
},
{
"name": "19238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19238"
},
{
"name": "20060314 [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1521.html"
},
{
"name": "TA06-073A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19138"
},
{
"name": "oval:org.mitre.oval:def:1750",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1750"
},
{
"name": "1015766",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "MS06-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-0031",
"datePublished": "2006-03-14T23:00:00",
"dateReserved": "2005-11-30T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0009 (GCVE-0-2006-0009)
Vulnerability from cvelistv5
Published
2006-03-14 23:00
Modified
2024-08-07 16:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060422 PowerPoint Phishing Trojan",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/432004/30/5340/threaded"
},
{
"name": "ADV-2006-3678",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3678"
},
{
"name": "VU#682820",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/682820"
},
{
"name": "oval:org.mitre.oval:def:1504",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1504"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2006-091810-5028-99"
},
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1653",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1653"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/enterprise/research/SYMSA-2006-001.txt"
},
{
"name": "20060822 Major updates in PowerPoint FAQ document - not a 0-day issue",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0597.html"
},
{
"name": "20059",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20059"
},
{
"name": "20060314 SYMSA-2006-001: Buffer overflow in Microsoft Office 2000, Office XP (2002), and Office 2003 Routing Slip Metadata",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427671/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.darkreading.com/document.asp?doc_id=101970"
},
{
"name": "1016886",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016886"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://isc.sans.org/diary.php?storyid=1618"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.securiteam.com/?author=28"
},
{
"name": "powerpoint-presentation-code-execution(29009)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29009"
},
{
"name": "17000",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17000"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19238"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.securiteam.com/?p=557"
},
{
"name": "20060919 Microsoft PowerPoint 0-day Vulnerability FAQ - September written",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446425/100/0/threaded"
},
{
"name": "1016720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016720"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.securiteam.com/?p=559"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "office-routing-slip-bo(25009)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25009"
},
{
"name": "20060919 New PowerPoint 0-day Trojan in the wild",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049540.html"
},
{
"name": "oval:org.mitre.oval:def:798",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A798"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19138"
},
{
"name": "oval:org.mitre.oval:def:1553",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1553"
},
{
"name": "23903",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23903"
},
{
"name": "20060819 New PowerPoint 0-day and Trojan - FAQ document ready",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/443890/100/0/threaded"
},
{
"name": "20060919 New PowerPoint 0-day Trojan in the wild",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446370/100/0/threaded"
},
{
"name": "20060822 Major updates in PowerPoint FAQ document - not a 0-day issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444051/100/200/threaded"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_MDROPPER.BH"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "20060422 PowerPoint Phishing Trojan",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/432004/30/5340/threaded"
},
{
"name": "ADV-2006-3678",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3678"
},
{
"name": "VU#682820",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/682820"
},
{
"name": "oval:org.mitre.oval:def:1504",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1504"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2006-091810-5028-99"
},
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1653",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1653"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/enterprise/research/SYMSA-2006-001.txt"
},
{
"name": "20060822 Major updates in PowerPoint FAQ document - not a 0-day issue",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0597.html"
},
{
"name": "20059",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20059"
},
{
"name": "20060314 SYMSA-2006-001: Buffer overflow in Microsoft Office 2000, Office XP (2002), and Office 2003 Routing Slip Metadata",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/427671/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.darkreading.com/document.asp?doc_id=101970"
},
{
"name": "1016886",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016886"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://isc.sans.org/diary.php?storyid=1618"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.securiteam.com/?author=28"
},
{
"name": "powerpoint-presentation-code-execution(29009)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29009"
},
{
"name": "17000",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17000"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19238"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.securiteam.com/?p=557"
},
{
"name": "20060919 Microsoft PowerPoint 0-day Vulnerability FAQ - September written",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446425/100/0/threaded"
},
{
"name": "1016720",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016720"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.securiteam.com/?p=559"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "office-routing-slip-bo(25009)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25009"
},
{
"name": "20060919 New PowerPoint 0-day Trojan in the wild",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049540.html"
},
{
"name": "oval:org.mitre.oval:def:798",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A798"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19138"
},
{
"name": "oval:org.mitre.oval:def:1553",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1553"
},
{
"name": "23903",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23903"
},
{
"name": "20060819 New PowerPoint 0-day and Trojan - FAQ document ready",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/443890/100/0/threaded"
},
{
"name": "20060919 New PowerPoint 0-day Trojan in the wild",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446370/100/0/threaded"
},
{
"name": "20060822 Major updates in PowerPoint FAQ document - not a 0-day issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444051/100/200/threaded"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_MDROPPER.BH"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-0009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060422 PowerPoint Phishing Trojan",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432004/30/5340/threaded"
},
{
"name": "ADV-2006-3678",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3678"
},
{
"name": "VU#682820",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/682820"
},
{
"name": "oval:org.mitre.oval:def:1504",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1504"
},
{
"name": "http://www.symantec.com/security_response/writeup.jsp?docid=2006-091810-5028-99",
"refsource": "MISC",
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2006-091810-5028-99"
},
{
"name": "ADV-2006-0950",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "oval:org.mitre.oval:def:1653",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1653"
},
{
"name": "http://www.symantec.com/enterprise/research/SYMSA-2006-001.txt",
"refsource": "MISC",
"url": "http://www.symantec.com/enterprise/research/SYMSA-2006-001.txt"
},
{
"name": "20060822 Major updates in PowerPoint FAQ document - not a 0-day issue",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0597.html"
},
{
"name": "20059",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20059"
},
{
"name": "20060314 SYMSA-2006-001: Buffer overflow in Microsoft Office 2000, Office XP (2002), and Office 2003 Routing Slip Metadata",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427671/100/0/threaded"
},
{
"name": "http://www.darkreading.com/document.asp?doc_id=101970",
"refsource": "MISC",
"url": "http://www.darkreading.com/document.asp?doc_id=101970"
},
{
"name": "1016886",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016886"
},
{
"name": "http://isc.sans.org/diary.php?storyid=1618",
"refsource": "MISC",
"url": "http://isc.sans.org/diary.php?storyid=1618"
},
{
"name": "http://blogs.securiteam.com/?author=28",
"refsource": "MISC",
"url": "http://blogs.securiteam.com/?author=28"
},
{
"name": "powerpoint-presentation-code-execution(29009)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29009"
},
{
"name": "17000",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17000"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "19238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19238"
},
{
"name": "http://blogs.securiteam.com/?p=557",
"refsource": "MISC",
"url": "http://blogs.securiteam.com/?p=557"
},
{
"name": "20060919 Microsoft PowerPoint 0-day Vulnerability FAQ - September written",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446425/100/0/threaded"
},
{
"name": "1016720",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016720"
},
{
"name": "http://blogs.securiteam.com/?p=559",
"refsource": "MISC",
"url": "http://blogs.securiteam.com/?p=559"
},
{
"name": "TA06-073A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "office-routing-slip-bo(25009)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25009"
},
{
"name": "20060919 New PowerPoint 0-day Trojan in the wild",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049540.html"
},
{
"name": "oval:org.mitre.oval:def:798",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A798"
},
{
"name": "19138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19138"
},
{
"name": "oval:org.mitre.oval:def:1553",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1553"
},
{
"name": "23903",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23903"
},
{
"name": "20060819 New PowerPoint 0-day and Trojan - FAQ document ready",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443890/100/0/threaded"
},
{
"name": "20060919 New PowerPoint 0-day Trojan in the wild",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446370/100/0/threaded"
},
{
"name": "20060822 Major updates in PowerPoint FAQ document - not a 0-day issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444051/100/200/threaded"
},
{
"name": "1015766",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FMDROPPER%2EBH",
"refsource": "MISC",
"url": "http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FMDROPPER%2EBH"
},
{
"name": "MS06-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-0009",
"datePublished": "2006-03-14T23:00:00",
"dateReserved": "2005-11-09T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0029 (GCVE-0-2006-0029)
Vulnerability from cvelistv5
Published
2006-03-14 23:00
Modified
2024-08-07 16:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "585",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/585"
},
{
"name": "oval:org.mitre.oval:def:1579",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1579"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "oval:org.mitre.oval:def:1570",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1570"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19238"
},
{
"name": "586",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/586"
},
{
"name": "VU#235774",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/235774"
},
{
"name": "oval:org.mitre.oval:def:1522",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1522"
},
{
"name": "oval:org.mitre.oval:def:1633",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1633"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19138"
},
{
"name": "23900",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23900"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "excel-description-bo(25227)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25227"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "585",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/585"
},
{
"name": "oval:org.mitre.oval:def:1579",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1579"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "oval:org.mitre.oval:def:1570",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1570"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19238"
},
{
"name": "586",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/586"
},
{
"name": "VU#235774",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/235774"
},
{
"name": "oval:org.mitre.oval:def:1522",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1522"
},
{
"name": "oval:org.mitre.oval:def:1633",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1633"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19138"
},
{
"name": "23900",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23900"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "excel-description-bo(25227)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25227"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-0029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-0950",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "585",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/585"
},
{
"name": "oval:org.mitre.oval:def:1579",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1579"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "oval:org.mitre.oval:def:1570",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1570"
},
{
"name": "19238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19238"
},
{
"name": "586",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/586"
},
{
"name": "VU#235774",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/235774"
},
{
"name": "oval:org.mitre.oval:def:1522",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1522"
},
{
"name": "oval:org.mitre.oval:def:1633",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1633"
},
{
"name": "TA06-073A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19138"
},
{
"name": "23900",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23900"
},
{
"name": "1015766",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "excel-description-bo(25227)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25227"
},
{
"name": "MS06-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-0029",
"datePublished": "2006-03-14T23:00:00",
"dateReserved": "2005-11-30T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4131 (GCVE-0-2005-4131)
Vulnerability from cvelistv5
Published
2005-12-09 11:00
Modified
2024-08-07 23:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:31:49.088Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "excel-msvcrt-memmove-bo(23537)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23537"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538"
},
{
"name": "15780",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15780"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614"
},
{
"name": "584",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/584"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198"
},
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://news.zdnet.com/2100-1009_22-5989078.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "591",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/591"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19238"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19138"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.osvdb.org/blog/?p=71"
},
{
"name": "1015333",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015333"
},
{
"name": "20060314 High Risk Vulnerability in Microsoft Excel",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427635/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "VU#642428",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/642428"
},
{
"name": "20060315 [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427698/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/news/11363"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://news.com.com/2061-10789_3-5988086.html"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka \"Brand new Microsoft Excel Vulnerability,\" as originally placed for sale on eBay as item number 7203336538."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "excel-msvcrt-memmove-bo(23537)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23537"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538"
},
{
"name": "15780",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15780"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614"
},
{
"name": "584",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/584"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198"
},
{
"name": "ADV-2006-0950",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://news.zdnet.com/2100-1009_22-5989078.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "591",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/591"
},
{
"name": "19238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19238"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/"
},
{
"name": "TA06-073A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19138"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.osvdb.org/blog/?p=71"
},
{
"name": "1015333",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015333"
},
{
"name": "20060314 High Risk Vulnerability in Microsoft Excel",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/427635/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/"
},
{
"name": "1015766",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "VU#642428",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/642428"
},
{
"name": "20060315 [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/427698/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/news/11363"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://news.com.com/2061-10789_3-5988086.html"
},
{
"name": "MS06-012",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka \"Brand new Microsoft Excel Vulnerability,\" as originally placed for sale on eBay as item number 7203336538."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "excel-msvcrt-memmove-bo(23537)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23537"
},
{
"name": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538",
"refsource": "MISC",
"url": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538"
},
{
"name": "15780",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15780"
},
{
"name": "http://www.eweek.com/article2/0,1759,1899697,00.asp?kc=EWRSS03129TX1K0000614",
"refsource": "MISC",
"url": "http://www.eweek.com/article2/0,1759,1899697,00.asp?kc=EWRSS03129TX1K0000614"
},
{
"name": "584",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/584"
},
{
"name": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198",
"refsource": "MISC",
"url": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198"
},
{
"name": "ADV-2006-0950",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0950"
},
{
"name": "http://news.zdnet.com/2100-1009_22-5989078.html",
"refsource": "MISC",
"url": "http://news.zdnet.com/2100-1009_22-5989078.html"
},
{
"name": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html",
"refsource": "MISC",
"url": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
},
{
"name": "591",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/591"
},
{
"name": "19238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19238"
},
{
"name": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/"
},
{
"name": "TA06-073A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
},
{
"name": "19138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19138"
},
{
"name": "http://www.osvdb.org/blog/?p=71",
"refsource": "MISC",
"url": "http://www.osvdb.org/blog/?p=71"
},
{
"name": "1015333",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015333"
},
{
"name": "20060314 High Risk Vulnerability in Microsoft Excel",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427635/100/0/threaded"
},
{
"name": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/",
"refsource": "MISC",
"url": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/"
},
{
"name": "1015766",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015766"
},
{
"name": "VU#642428",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/642428"
},
{
"name": "20060315 [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427698/100/0/threaded"
},
{
"name": "http://www.securityfocus.com/news/11363",
"refsource": "MISC",
"url": "http://www.securityfocus.com/news/11363"
},
{
"name": "http://news.com.com/2061-10789_3-5988086.html",
"refsource": "MISC",
"url": "http://news.com.com/2061-10789_3-5988086.html"
},
{
"name": "MS06-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4131",
"datePublished": "2005-12-09T11:00:00",
"dateReserved": "2005-12-09T00:00:00",
"dateUpdated": "2024-08-07T23:31:49.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…