Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2006-3014

Date: June 21, 2006

Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet.

Severity Score

Related Resources (19)

http://www.securityfocus.com/bid/19980
http://www.vupen.com/english/advisories/2006/3577
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A538
http://www.securityfocus.com/bid/18583
http://www.us-cert.gov/cas/techalerts/TA06-318A.html
http://www.vupen.com/english/advisories/2006/3573
https://nvd.nist.gov/vuln/detail/CVE-2006-3014
http://hackingspirits.com/vuln-rnd/vuln-rnd.html
http://securitytracker.com/id?1016344
http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0414.html
http://www.securiteam.com/windowsntfocus/5TP0M0KIUA.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/27312
http://secunia.com/advisories/21865
https://people.canonical.com/~ubuntu-security/cve/CVE-2006-3014
http://www.vupen.com/english/advisories/2006/4507
http://www.adobe.com/support/security/bulletins/apsb06-11.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069
http://secunia.com/advisories/22882
https://www.mend.io/vulnerability-database/CVE-2006-3014

Severity Score

Weakness Type (CWE)

Input Validation

CWE-20

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): LOW

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): HIGH
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us