5.1

CVE-2006-0028

Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers.

Data is provided by the National Vulnerability Database (NVD)
MicrosoftExcel Version2000
MicrosoftExcel Version2002
MicrosoftExcel Version2003
MicrosoftExcel Version2004 Editionmac_os_x
MicrosoftExcel Versionx Editionmac_os_x
MicrosoftOffice Version2000 Updatesp3
MicrosoftOffice Version2003 Updatesp1
MicrosoftOffice Version2003 Updatesp2
MicrosoftOffice Version2004 Editionmac
MicrosoftOffice Versionv.x Editionmac
MicrosoftOffice Versionxp Updatesp3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 51.68% 0.977
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
http://www.us-cert.gov/cas/techalerts/TA06-073A.html
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/339878
Third Party Advisory
US Government Resource