7.5

CVE-2006-0002

EPSS 56.18%
Published 10.01.2006 22:03:00
Last modified 03.04.2025 01:03:51
Source secure@microsoft.com
Teams watchlist Login
Open Login

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation.

Affected products Warnungen 0 Metrics 2 CWE 0 References 23

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Exchange Server Version5.0 Update-

Microsoft ≫ Exchange Server Version5.0 Updatesp1

Microsoft ≫ Exchange Server Version5.0 Updatesp2

Microsoft ≫ Exchange Server Version5.5 Update-

Microsoft ≫ Exchange Server Version5.5 Updatesp1

Microsoft ≫ Exchange Server Version5.5 Updatesp2

Microsoft ≫ Exchange Server Version5.5 Updatesp3

Microsoft ≫ Exchange Server Version5.5 Updatesp4

Microsoft ≫ Exchange Server Version2000 Updatesp3

Microsoft ≫ Office Version2000 Updatesp3

Microsoft ≫ Office Version2003 Updatesp1

Microsoft ≫ Office Version2003 Updatesp2

Microsoft ≫ Office Versionxp Updatesp3

Microsoft ≫ Outlook Version2000 Updatesp3

Microsoft ≫ Outlook Version2002 Updatesp3

Microsoft ≫ Outlook Version2003

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	56.18%	0.98

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/18368

Patch

Third Party Advisory

http://securityreason.com/securityalert/330

Third Party Advisory

http://securityreason.com/securityalert/331

Third Party Advisory

http://securitytracker.com/id?1015460

Patch

Third Party Advisory

VDB Entry

http://securitytracker.com/id?1015461

Patch

Third Party Advisory

VDB Entry

http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm

Third Party Advisory

http://www.kb.cert.org/vuls/id/252146

Third Party Advisory

US Government Resource

http://www.securityfocus.com/archive/1/421518/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/archive/1/421520/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/16197

Patch

Third Party Advisory

VDB Entry

http://www.us-cert.gov/cas/techalerts/TA06-010A.html

Patch

Third Party Advisory

US Government Resource

http://www.vupen.com/english/advisories/2006/0119

Permissions Required

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-003

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/22878

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1082

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1165

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1316

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1456

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1485

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A624

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2006-0002

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0002

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0002

EUVD