Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-0028
HistoryMar 14, 2006 - 11:02 p.m.

CVE-2006-0028

2006-03-1423:02:00
[email protected]
web.nvd.nist.gov
20
microsoft excel
excel vulnerability
biff parsing
arbitrary code execution
memory corruption
invalid pointers
cve-2006-0028
nvd

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.956 High

EPSS

Percentile

99.4%

JSON

Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers.

Affected configurations

NVD
Node
microsoftexcelMatch2000
OR
microsoftexcelMatch2002
OR
microsoftexcelMatch2003
OR
microsoftexcelMatch2004mac_os_x
OR
microsoftexcelMatchxmac_os_x
OR
microsoftofficeMatch2000sp3
OR
microsoftofficeMatch2003sp1
OR
microsoftofficeMatch2003sp2
OR
microsoftofficeMatch2004mac
OR
microsoftofficeMatchv.xmac
OR
microsoftofficeMatchxpsp3

References

Related

securityvulns 3
nvd 1
zdi 1
cert 1
checkpoint_advisories 2
prion 1
cvelist 1
nessus 1
securityvulns
securityvulns
ZDI-06-004: Microsoft Excel File Format Parsing Vulnerability
2006-03-15 00:00:00
US-CERT Technical Cyber Security Alert TA06-073A -- Microsoft Office and Excel Vulnerabilities
2006-03-15 00:00:00
Microsoft Security Bulletin MS06-012 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413)
2006-03-15 00:00:00
nvd
nvd
CVE-2006-0028
2006-03-14 23:02:00
zdi
zdi
Microsoft Excel File Format Parsing Vulnerability
2006-03-14 00:00:00
cert
cert
Microsoft Excel malformed parsing format file memory corruption vulnerability
2006-03-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Excel Malformed File Format Parsing Code Execution (MS06-012; CVE-2006-0028)
2010-07-07 00:00:00
Update Protection against Multiple Microsoft Office Vulnerabilities (MS06-012)
2006-03-15 00:00:00
prion
prion
Memory corruption
2006-03-14 23:02:00
cvelist
cvelist
CVE-2006-0028
2006-03-14 23:00:00
nessus
nessus
MS06-012: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413)
2006-03-14 00:00:00

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.956 High

EPSS

Percentile

99.4%

JSON
Related for CVE-2006-0028
securityvulns3nvd1zdi1cert1checkpoint_advisories2prion1cvelist1nessus1