[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-0028Date: (C)2006-03-14   (M)2023-12-22


Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1015766
SECUNIA-19138
SECUNIA-19238
http://www.securityfocus.com/archive/1/427632/100/0/threaded
OSVDB-23899
SREASON-583
ADV-2006-0950
MS06-012
TA06-073A
VU#339878
excel-parsing-format-file-bo(25225)
http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm
http://www.zerodayinitiative.com/advisories/ZDI-06-004.html
oval:org.mitre.oval:def:1158
oval:org.mitre.oval:def:1411
oval:org.mitre.oval:def:1509
oval:org.mitre.oval:def:1635

CPE    8
cpe:/a:microsoft:office:xp:sp3
cpe:/a:microsoft:office:2003:sp1
cpe:/a:microsoft:office:2003:sp2
cpe:/a:microsoft:office:2000:sp3
...
OVAL    4
oval:org.mitre.oval:def:1509
oval:org.mitre.oval:def:1158
oval:org.mitre.oval:def:1411
oval:org.mitre.oval:def:1635
...

© SecPod Technologies