CVE-2005-4131 (GCVE-0-2005-4131)

Vulnerability from cvelistv5 – Published: 2005-12-09 11:00 – Updated: 2024-08-07 23:31
VLAI?
Summary
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&ite… x_refsource_MISC
http://www.securityfocus.com/bid/15780 vdb-entryx_refsource_BID
http://www.eweek.com/article2/0%2C1759%2C1899697%… x_refsource_MISC
http://securityreason.com/securityalert/584 third-party-advisoryx_refsource_SREASON
http://informationweek.com/story/showArticle.jhtm… x_refsource_MISC
http://www.vupen.com/english/advisories/2006/0950 vdb-entryx_refsource_VUPEN
http://news.zdnet.com/2100-1009_22-5989078.html x_refsource_MISC
http://www.theage.com.au/news/breaking/excel-flaw… x_refsource_MISC
http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
http://securityreason.com/securityalert/591 third-party-advisoryx_refsource_SREASON
http://secunia.com/advisories/19238 third-party-advisoryx_refsource_SECUNIA
http://www.theregister.co.uk/2005/12/10/ebay_pull… x_refsource_MISC
http://www.us-cert.gov/cas/techalerts/TA06-073A.html third-party-advisoryx_refsource_CERT
http://secunia.com/advisories/19138 third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/blog/?p=71 x_refsource_MISC
http://securitytracker.com/id?1015333 vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/archive/1/427635/100… mailing-listx_refsource_BUGTRAQ
http://www.dicks-blog.com/archives/2005/12/08/exc… x_refsource_MISC
http://securitytracker.com/id?1015766 vdb-entryx_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/642428 third-party-advisoryx_refsource_CERT-VN
http://www.securityfocus.com/archive/1/427698/100… mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/news/11363 x_refsource_MISC
http://news.com.com/2061-10789_3-5988086.html x_refsource_MISC
https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:31:49.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "excel-msvcrt-memmove-bo(23537)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23537"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538"
          },
          {
            "name": "15780",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15780"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614"
          },
          {
            "name": "584",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/584"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198"
          },
          {
            "name": "ADV-2006-0950",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0950"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://news.zdnet.com/2100-1009_22-5989078.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
          },
          {
            "name": "591",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/591"
          },
          {
            "name": "19238",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19238"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/"
          },
          {
            "name": "TA06-073A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
          },
          {
            "name": "19138",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19138"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/blog/?p=71"
          },
          {
            "name": "1015333",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015333"
          },
          {
            "name": "20060314 High Risk Vulnerability in Microsoft Excel",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427635/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/"
          },
          {
            "name": "1015766",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015766"
          },
          {
            "name": "VU#642428",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/642428"
          },
          {
            "name": "20060315 [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427698/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/news/11363"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://news.com.com/2061-10789_3-5988086.html"
          },
          {
            "name": "MS06-012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka \"Brand new Microsoft Excel Vulnerability,\" as originally placed for sale on eBay as item number 7203336538."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "excel-msvcrt-memmove-bo(23537)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23537"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538"
        },
        {
          "name": "15780",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15780"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614"
        },
        {
          "name": "584",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/584"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198"
        },
        {
          "name": "ADV-2006-0950",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0950"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://news.zdnet.com/2100-1009_22-5989078.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
        },
        {
          "name": "591",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/591"
        },
        {
          "name": "19238",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19238"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/"
        },
        {
          "name": "TA06-073A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
        },
        {
          "name": "19138",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19138"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.osvdb.org/blog/?p=71"
        },
        {
          "name": "1015333",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015333"
        },
        {
          "name": "20060314 High Risk Vulnerability in Microsoft Excel",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/427635/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/"
        },
        {
          "name": "1015766",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015766"
        },
        {
          "name": "VU#642428",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/642428"
        },
        {
          "name": "20060315 [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/427698/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityfocus.com/news/11363"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://news.com.com/2061-10789_3-5988086.html"
        },
        {
          "name": "MS06-012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4131",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka \"Brand new Microsoft Excel Vulnerability,\" as originally placed for sale on eBay as item number 7203336538."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "excel-msvcrt-memmove-bo(23537)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23537"
            },
            {
              "name": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538",
              "refsource": "MISC",
              "url": "http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538"
            },
            {
              "name": "15780",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15780"
            },
            {
              "name": "http://www.eweek.com/article2/0,1759,1899697,00.asp?kc=EWRSS03129TX1K0000614",
              "refsource": "MISC",
              "url": "http://www.eweek.com/article2/0,1759,1899697,00.asp?kc=EWRSS03129TX1K0000614"
            },
            {
              "name": "584",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/584"
            },
            {
              "name": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198",
              "refsource": "MISC",
              "url": "http://informationweek.com/story/showArticle.jhtml?articleID=174910198"
            },
            {
              "name": "ADV-2006-0950",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0950"
            },
            {
              "name": "http://news.zdnet.com/2100-1009_22-5989078.html",
              "refsource": "MISC",
              "url": "http://news.zdnet.com/2100-1009_22-5989078.html"
            },
            {
              "name": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html",
              "refsource": "MISC",
              "url": "http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm"
            },
            {
              "name": "591",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/591"
            },
            {
              "name": "19238",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19238"
            },
            {
              "name": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/",
              "refsource": "MISC",
              "url": "http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/"
            },
            {
              "name": "TA06-073A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-073A.html"
            },
            {
              "name": "19138",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19138"
            },
            {
              "name": "http://www.osvdb.org/blog/?p=71",
              "refsource": "MISC",
              "url": "http://www.osvdb.org/blog/?p=71"
            },
            {
              "name": "1015333",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015333"
            },
            {
              "name": "20060314 High Risk Vulnerability in Microsoft Excel",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/427635/100/0/threaded"
            },
            {
              "name": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/",
              "refsource": "MISC",
              "url": "http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/"
            },
            {
              "name": "1015766",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015766"
            },
            {
              "name": "VU#642428",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/642428"
            },
            {
              "name": "20060315 [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/427698/100/0/threaded"
            },
            {
              "name": "http://www.securityfocus.com/news/11363",
              "refsource": "MISC",
              "url": "http://www.securityfocus.com/news/11363"
            },
            {
              "name": "http://news.com.com/2061-10789_3-5988086.html",
              "refsource": "MISC",
              "url": "http://news.com.com/2061-10789_3-5988086.html"
            },
            {
              "name": "MS06-012",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4131",
    "datePublished": "2005-12-09T11:00:00",
    "dateReserved": "2005-12-09T00:00:00",
    "dateUpdated": "2024-08-07T23:31:49.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-4131\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-12-09T11:03:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka \\\"Brand new Microsoft Excel Vulnerability,\\\" as originally placed for sale on eBay as item number 7203336538.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:95:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05969CEF-3A84-432A-AD36-A37862055B59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:97:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A78536AA-8694-4E0E-B7C6-9E5C3787D849\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:97:sr1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E726A7DA-47E6-412D-BAF4-D52A489C0631\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:97:sr2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9A3C16C-075A-4C9D-BC50-885C55BF5017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F55D42D5-7371-47C2-BF55-B7F51C19B61E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2000:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4FBEB90-1BF2-4E84-9A74-EAD226AAA0A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"439B26BA-376C-4D6B-B7BA-B66B8BDA8E37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2000:sr1:*:*:*:*:*:*\",\"matchCriteriaId\":\"27C6E1BC-406E-4B0B-B513-33226AC4482D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"082D3262-87E3-4245-AD9C-02BE0871FA3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2002:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C619E79B-90FB-4812-B0F3-115B47498492\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2002:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC893353-909C-49A8-8C3A-AD325C1D365D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"896E23B1-AB34-43FF-96F3-BA6ED7F162AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F79E0AB-7081-4F97-BFE4-9AF84F643B9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2003:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AED7433-3C95-4868-B05D-244149E0E33E\"}]}]}],\"references\":[{\"url\":\"http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://informationweek.com/story/showArticle.jhtml?articleID=174910198\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://news.com.com/2061-10789_3-5988086.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://news.zdnet.com/2100-1009_22-5989078.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/19138\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19238\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/584\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/591\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1015333\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1015766\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/642428\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/blog/?p=71\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/427635/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/427698/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/15780\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/news/11363\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-073A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0950\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/23537\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem\u0026item=7203336538\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://informationweek.com/story/showArticle.jhtml?articleID=174910198\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://news.com.com/2061-10789_3-5988086.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://news.zdnet.com/2100-1009_22-5989078.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/19138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/19238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/584\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/591\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015333\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015766\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/642428\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/blog/?p=71\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/427635/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/427698/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/15780\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/news/11363\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-073A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/0950\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/23537\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.