CVE-2006-3014

Опубликовано: 22 июн. 2006

Источник: nvd

CVSS2: 5.1

EPSS Средний

Описание

Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0414.html
Exploit
http://hackingspirits.com/vuln-rnd/vuln-rnd.html
Exploit
http://secunia.com/advisories/21865
Patch
Vendor Advisory
http://secunia.com/advisories/22882
Vendor Advisory
http://securitytracker.com/id?1016344
http://www.adobe.com/support/security/bulletins/apsb06-11.html
http://www.securiteam.com/windowsntfocus/5TP0M0KIUA.html
http://www.securityfocus.com/bid/18583
Exploit
http://www.securityfocus.com/bid/19980
Patch
http://www.us-cert.gov/cas/techalerts/TA06-318A.html
US Government Resource
http://www.vupen.com/english/advisories/2006/3573
Vendor Advisory
http://www.vupen.com/english/advisories/2006/3577
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4507
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069
https://exchange.xforce.ibmcloud.com/vulnerabilities/27312
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A538
http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0414.html
Exploit
http://hackingspirits.com/vuln-rnd/vuln-rnd.html
Exploit
http://secunia.com/advisories/21865
Patch
Vendor Advisory
http://secunia.com/advisories/22882
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:excel:*:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.58319

Средний

5.1 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2006-3014

ubuntu

больше 19 лет назад

GHSA-4v5q-p386-f6mv

github

почти 4 года назад