Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-3431
HistoryJul 07, 2006 - 6:05 p.m.

CVE-2006-3431

2006-07-0718:05:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
30
cve-2006-3431
microsoft excel
buffer overflow
asian language
spreadsheet
user-assisted
arbitrary code
style record

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.173 Low

EPSS

Percentile

96.0%

JSON

Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arbitrary code via a crafted STYLE record in a spreadsheet that triggers the overflow when the user attempts to repair the document or selects the “Style” option, as demonstrated by nanika.xls. NOTE: Microsoft has confirmed to CVE via e-mail that this is different than the other Excel vulnerabilities announced before 20060707, including CVE-2006-3059 and CVE-2006-3086.

CPENameOperatorVersion
microsoft:excelmicrosoft exceleq*

Related

checkpoint_advisories 6
cert 3
cve 2
nessus 5
securityvulns 5
saint 4
seebug 1
checkpoint_advisories
checkpoint_advisories
Microsoft Excel Asian Languages Style Handling Buffer Overflow (MS06-059; CVE-2006-3431)
2010-06-13 00:00:00
Office Files (CVE-2006-1308; CVE-2006-1540; CVE-2006-3431; CVE-2007-0934; CVE-2007-0936)
2006-07-23 00:00:00
X97EmbedAn Excel Document Code Execution - Ver2 (CVE-2006-3059)
2015-03-26 00:00:00
cert
cert
Microsoft Excel fails to properly process malformed STYLE records
2006-10-10 00:00:00
Microsoft Excel vulnerability
2006-06-16 00:00:00
Microsoft Hyperlink Object Library stack buffer overflow
2006-06-21 00:00:00
cve
cve
CVE-2006-3059
2006-06-17 13:18:00
CVE-2006-3086
2006-06-19 19:02:00
nessus
nessus
MS06-059: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
2006-10-10 00:00:00
MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
2006-08-08 00:00:00
MS06-058 / MS06-059 / MS06-0060 / MS06-062: Vulnerabilities in Microsoft Office Allow Remote Code Execution (924163 / 924164 / 924554 / 922581) (Mac OS X)
2006-10-11 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS06-059 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
2006-10-11 00:00:00
[Full-disclosure] TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
2006-08-09 00:00:00
TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
2006-08-10 00:00:00
saint
saint
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
seebug
seebug
Microsoft Windows Hyperlink Object Library Remote Code Execution(MS06-050)
2006-10-24 00:00:00

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.173 Low

EPSS

Percentile

96.0%

JSON
Related for CVE-2006-3431
checkpoint_advisories6cert3cve2nessus5securityvulns5saint4seebug1