Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-3431
HistoryJul 07, 2006 - 6:05 p.m.

CVE-2006-3431

2006-07-0718:05:00
[email protected]
web.nvd.nist.gov
7

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.95

Percentile

99.3%

JSON

Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arbitrary code via a crafted STYLE record in a spreadsheet that triggers the overflow when the user attempts to repair the document or selects the “Style” option, as demonstrated by nanika.xls. NOTE: Microsoft has confirmed to CVE via e-mail that this is different than the other Excel vulnerabilities announced before 20060707, including CVE-2006-3059 and CVE-2006-3086.

Affected configurations

Nvd
Node
microsoftexcel
VendorProductVersionCPE
microsoftexcel*cpe:2.3:a:microsoft:excel:*:*:*:*:*:*:*:*

Related

cvelist 3
cve 3
nvd 2
exploitdb 3
checkpoint_advisories 6
cert 3
saint 4
seebug 1
securityvulns 5
nessus 5
cvelist
cvelist
CVE-2006-3431
2006-07-07 18:00:00
CVE-2006-3086
2006-06-19 19:00:00
CVE-2006-3059
2006-06-17 01:00:00
cve
cve
CVE-2006-3431
2006-07-07 18:05:00
CVE-2006-3086
2006-06-19 19:02:00
CVE-2006-3059
2006-06-17 13:18:00
nvd
nvd
CVE-2006-3086
2006-06-19 19:02:00
CVE-2006-3059
2006-06-17 13:18:00
exploitdb
exploitdb
Microsoft Excel - Code Execution
2006-06-22 00:00:00
Microsoft Excel 2000-2004 - Style Handling and Repair Remote Code Execution
2006-07-06 00:00:00
Microsoft Excel - Unicode Local Overflow (PoC)
2006-06-18 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Excel Asian Languages Style Handling Buffer Overflow (MS06-059; CVE-2006-3431)
2010-06-13 00:00:00
X97EmbedAn Excel Document Code Execution - Ver2 (CVE-2006-3059)
2015-03-26 00:00:00
Microsoft Excel Crafted URL Unicode Buffer Overflow (MS06-050; CVE-2006-3086; CVE-2011-0104)
2011-02-24 00:00:00
cert
cert
Microsoft Excel fails to properly process malformed STYLE records
2006-10-10 00:00:00
Microsoft Excel vulnerability
2006-06-16 00:00:00
Microsoft Hyperlink Object Library stack buffer overflow
2006-06-21 00:00:00
saint
saint
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
seebug
seebug
Microsoft Windows Hyperlink Object Library Remote Code Execution(MS06-050)
2006-10-24 00:00:00
securityvulns
securityvulns
[Full-disclosure] TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
2006-08-09 00:00:00
TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
2006-08-10 00:00:00
Microsoft Security Bulletin MS06-050 Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
2006-08-09 00:00:00
nessus
nessus
MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
2006-08-08 00:00:00
MS06-059: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
2006-10-10 00:00:00
MS06-037: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285)
2006-07-11 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.95

Percentile

99.3%

JSON
Related for NVD:CVE-2006-3431
cvelist3cve3nvd2exploitdb3checkpoint_advisories6cert3saint4seebug1securityvulns5nessus5