7.5

CVE-2006-0002

EPSS 45.63%
Veröffentlicht 10.01.2006 22:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 23

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Exchange Server Version5.0 Update-

Microsoft ≫ Exchange Server Version5.0 Updatesp1

Microsoft ≫ Exchange Server Version5.0 Updatesp2

Microsoft ≫ Exchange Server Version5.5 Update-

Microsoft ≫ Exchange Server Version5.5 Updatesp1

Microsoft ≫ Exchange Server Version5.5 Updatesp2

Microsoft ≫ Exchange Server Version5.5 Updatesp3

Microsoft ≫ Exchange Server Version5.5 Updatesp4

Microsoft ≫ Exchange Server Version2000 Updatesp3

Microsoft ≫ Office Version2000 Updatesp3

Microsoft ≫ Office Version2003 Updatesp1

Microsoft ≫ Office Version2003 Updatesp2

Microsoft ≫ Office Versionxp Updatesp3

Microsoft ≫ Outlook Version2000 Updatesp3

Microsoft ≫ Outlook Version2002 Updatesp3

Microsoft ≫ Outlook Version2003

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	45.63%	0.975

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/18368

Patch

Third Party Advisory

http://securityreason.com/securityalert/330

Third Party Advisory

http://securityreason.com/securityalert/331

Third Party Advisory

http://securitytracker.com/id?1015460

Patch

Third Party Advisory

VDB Entry

http://securitytracker.com/id?1015461

Patch

Third Party Advisory

VDB Entry

http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm

Third Party Advisory

http://www.kb.cert.org/vuls/id/252146

Third Party Advisory

US Government Resource

http://www.securityfocus.com/archive/1/421518/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/archive/1/421520/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/16197

Patch

Third Party Advisory

VDB Entry

http://www.us-cert.gov/cas/techalerts/TA06-010A.html

Patch

Third Party Advisory

US Government Resource

http://www.vupen.com/english/advisories/2006/0119

Permissions Required

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-003

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/22878

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1082

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1165

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1316

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1456

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1485

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A624

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2006-0002

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0002

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0002

EUVD