6.8

CVE-2005-4131

EPSS 69.09%
Published 09.12.2005 11:03:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538.

Affected products Warnungen 0 Metrics 2 CWE 0 References 28

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Excel Version95

Microsoft ≫ Excel Version97

Microsoft ≫ Excel Version97 Updatesr1

Microsoft ≫ Excel Version97 Updatesr2

Microsoft ≫ Excel Version2000

Microsoft ≫ Excel Version2000 Updatesp2

Microsoft ≫ Excel Version2000 Updatesp3

Microsoft ≫ Excel Version2000 Updatesr1

Microsoft ≫ Excel Version2002

Microsoft ≫ Excel Version2002 Updatesp1

Microsoft ≫ Excel Version2002 Updatesp2

Microsoft ≫ Excel Version2002 Updatesp3

Microsoft ≫ Excel Version2003

Microsoft ≫ Excel Version2003 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	69.09%	0.985

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=7203336538

http://informationweek.com/story/showArticle.jhtml?articleID=174910198

http://news.com.com/2061-10789_3-5988086.html

http://news.zdnet.com/2100-1009_22-5989078.html

http://secunia.com/advisories/19138

Vendor Advisory

http://secunia.com/advisories/19238

Vendor Advisory

http://securityreason.com/securityalert/584

http://securityreason.com/securityalert/591

http://securitytracker.com/id?1015333

http://securitytracker.com/id?1015766

http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm

http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/

http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614

http://www.kb.cert.org/vuls/id/642428

US Government Resource

http://www.osvdb.org/blog/?p=71

http://www.securityfocus.com/archive/1/427635/100/0/threaded

http://www.securityfocus.com/archive/1/427698/100/0/threaded

http://www.securityfocus.com/bid/15780

Patch

http://www.securityfocus.com/news/11363

http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html

http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/

http://www.us-cert.gov/cas/techalerts/TA06-073A.html

US Government Resource

http://www.vupen.com/english/advisories/2006/0950

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012

https://exchange.xforce.ibmcloud.com/vulnerabilities/23537

https://nvd.nist.gov/vuln/detail/CVE-2005-4131

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-4131

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-4131

EUVD