cve-2005-4131
Vulnerability from cvelistv5
Published
2005-12-09 11:00
Modified
2024-08-07 23:31
Severity ?
Summary
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538.
References
cve@mitre.orghttp://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=7203336538
cve@mitre.orghttp://informationweek.com/story/showArticle.jhtml?articleID=174910198
cve@mitre.orghttp://news.com.com/2061-10789_3-5988086.html
cve@mitre.orghttp://news.zdnet.com/2100-1009_22-5989078.html
cve@mitre.orghttp://secunia.com/advisories/19138Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/19238Vendor Advisory
cve@mitre.orghttp://securityreason.com/securityalert/584
cve@mitre.orghttp://securityreason.com/securityalert/591
cve@mitre.orghttp://securitytracker.com/id?1015333
cve@mitre.orghttp://securitytracker.com/id?1015766
cve@mitre.orghttp://support.avaya.com/elmodocs2/security/ASA-2006-069.htm
cve@mitre.orghttp://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/
cve@mitre.orghttp://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614
cve@mitre.orghttp://www.kb.cert.org/vuls/id/642428US Government Resource
cve@mitre.orghttp://www.osvdb.org/blog/?p=71
cve@mitre.orghttp://www.securityfocus.com/archive/1/427635/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/427698/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/15780Patch
cve@mitre.orghttp://www.securityfocus.com/news/11363
cve@mitre.orghttp://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html
cve@mitre.orghttp://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/
cve@mitre.orghttp://www.us-cert.gov/cas/techalerts/TA06-073A.htmlUS Government Resource
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/0950Vendor Advisory
cve@mitre.orghttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/23537
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:31:49.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "excel-msvcrt-memmove-bo(23537)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23537"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538"
          },
          {
            "name": "15780",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15780"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614"
          },
          {
            "name": "584",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/584"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198"
          },
          {
            "name": "ADV-2006-0950",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0950"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://news.zdnet.com/2100-1009_22-5989078.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
          },
          {
            "name": "591",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/591"
          },
          {
            "name": "19238",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19238"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/"
          },
          {
            "name": "TA06-073A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
          },
          {
            "name": "19138",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19138"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/blog/?p=71"
          },
          {
            "name": "1015333",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015333"
          },
          {
            "name": "20060314 High Risk Vulnerability in Microsoft Excel",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427635/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/"
          },
          {
            "name": "1015766",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015766"
          },
          {
            "name": "VU#642428",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/642428"
          },
          {
            "name": "20060315 [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427698/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/news/11363"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://news.com.com/2061-10789_3-5988086.html"
          },
          {
            "name": "MS06-012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka \"Brand new Microsoft Excel Vulnerability,\" as originally placed for sale on eBay as item number 7203336538."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "excel-msvcrt-memmove-bo(23537)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23537"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538"
        },
        {
          "name": "15780",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15780"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614"
        },
        {
          "name": "584",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/584"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198"
        },
        {
          "name": "ADV-2006-0950",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0950"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://news.zdnet.com/2100-1009_22-5989078.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
        },
        {
          "name": "591",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/591"
        },
        {
          "name": "19238",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19238"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/"
        },
        {
          "name": "TA06-073A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
        },
        {
          "name": "19138",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19138"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.osvdb.org/blog/?p=71"
        },
        {
          "name": "1015333",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015333"
        },
        {
          "name": "20060314 High Risk Vulnerability in Microsoft Excel",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/427635/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/"
        },
        {
          "name": "1015766",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015766"
        },
        {
          "name": "VU#642428",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/642428"
        },
        {
          "name": "20060315 [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/427698/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityfocus.com/news/11363"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://news.com.com/2061-10789_3-5988086.html"
        },
        {
          "name": "MS06-012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4131",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka \"Brand new Microsoft Excel Vulnerability,\" as originally placed for sale on eBay as item number 7203336538."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "excel-msvcrt-memmove-bo(23537)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23537"
            },
            {
              "name": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538",
              "refsource": "MISC",
              "url": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538"
            },
            {
              "name": "15780",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15780"
            },
            {
              "name": "http://www.eweek.com/article2/0,1759,1899697,00.asp?kc=EWRSS03129TX1K0000614",
              "refsource": "MISC",
              "url": "http://www.eweek.com/article2/0,1759,1899697,00.asp?kc=EWRSS03129TX1K0000614"
            },
            {
              "name": "584",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/584"
            },
            {
              "name": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198",
              "refsource": "MISC",
              "url": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198"
            },
            {
              "name": "ADV-2006-0950",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0950"
            },
            {
              "name": "http://news.zdnet.com/2100-1009_22-5989078.html",
              "refsource": "MISC",
              "url": "http://news.zdnet.com/2100-1009_22-5989078.html"
            },
            {
              "name": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html",
              "refsource": "MISC",
              "url": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
            },
            {
              "name": "591",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/591"
            },
            {
              "name": "19238",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19238"
            },
            {
              "name": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/",
              "refsource": "MISC",
              "url": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/"
            },
            {
              "name": "TA06-073A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
            },
            {
              "name": "19138",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19138"
            },
            {
              "name": "http://www.osvdb.org/blog/?p=71",
              "refsource": "MISC",
              "url": "http://www.osvdb.org/blog/?p=71"
            },
            {
              "name": "1015333",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015333"
            },
            {
              "name": "20060314 High Risk Vulnerability in Microsoft Excel",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/427635/100/0/threaded"
            },
            {
              "name": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/",
              "refsource": "MISC",
              "url": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/"
            },
            {
              "name": "1015766",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015766"
            },
            {
              "name": "VU#642428",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/642428"
            },
            {
              "name": "20060315 [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/427698/100/0/threaded"
            },
            {
              "name": "http://www.securityfocus.com/news/11363",
              "refsource": "MISC",
              "url": "http://www.securityfocus.com/news/11363"
            },
            {
              "name": "http://news.com.com/2061-10789_3-5988086.html",
              "refsource": "MISC",
              "url": "http://news.com.com/2061-10789_3-5988086.html"
            },
            {
              "name": "MS06-012",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4131",
    "datePublished": "2005-12-09T11:00:00",
    "dateReserved": "2005-12-09T00:00:00",
    "dateUpdated": "2024-08-07T23:31:49.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-4131\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-12-09T11:03:00.000\",\"lastModified\":\"2023-11-07T01:58:05.513\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka \\\"Brand new Microsoft Excel Vulnerability,\\\" as originally placed for sale on eBay as item number 7203336538.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":6.8},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:95:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05969CEF-3A84-432A-AD36-A37862055B59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:97:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A78536AA-8694-4E0E-B7C6-9E5C3787D849\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:97:sr1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E726A7DA-47E6-412D-BAF4-D52A489C0631\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:97:sr2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9A3C16C-075A-4C9D-BC50-885C55BF5017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F55D42D5-7371-47C2-BF55-B7F51C19B61E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2000:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4FBEB90-1BF2-4E84-9A74-EAD226AAA0A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"439B26BA-376C-4D6B-B7BA-B66B8BDA8E37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2000:sr1:*:*:*:*:*:*\",\"matchCriteriaId\":\"27C6E1BC-406E-4B0B-B513-33226AC4482D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"082D3262-87E3-4245-AD9C-02BE0871FA3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2002:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C619E79B-90FB-4812-B0F3-115B47498492\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2002:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC893353-909C-49A8-8C3A-AD325C1D365D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"896E23B1-AB34-43FF-96F3-BA6ED7F162AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F79E0AB-7081-4F97-BFE4-9AF84F643B9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2003:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AED7433-3C95-4868-B05D-244149E0E33E\"}]}]}],\"references\":[{\"url\":\"http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://informationweek.com/story/showArticle.jhtml?articleID=174910198\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://news.com.com/2061-10789_3-5988086.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://news.zdnet.com/2100-1009_22-5989078.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/19138\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19238\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/584\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/591\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1015333\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1015766\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/642428\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/blog/?p=71\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/427635/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/427698/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/15780\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/news/11363\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-073A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0950\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/23537\",\"source\":\"cve@mitre.org\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.