nvd-json-data-feeds/CVE-2006/CVE-2006-13xx/CVE-2006-1306.json

{
  "id": "CVE-2006-1306",
  "sourceIdentifier": "secure@microsoft.com",
  "published": "2006-07-13T21:05:00.000",
  "lastModified": "2018-10-18T16:32:02.747",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka \"Malformed OBJECT record Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Microsoft Excel 2000 a 2004 permite a atacantes con implicaci\u00f3n del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero .xls con un registro BIFF artesanal con un \u00edndice de array controlado por el atacante que es usado para un puntero a funci\u00f3n, tcc \"Vulnerabilidad de registro OBJECT malformado\"."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": true,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2000:*:*:*:*:*:*:*",
              "matchCriteriaId": "F55D42D5-7371-47C2-BF55-B7F51C19B61E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2000:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "D4FBEB90-1BF2-4E84-9A74-EAD226AAA0A2"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "439B26BA-376C-4D6B-B7BA-B66B8BDA8E37"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2000:sr1:*:*:*:*:*:*",
              "matchCriteriaId": "27C6E1BC-406E-4B0B-B513-33226AC4482D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "082D3262-87E3-4245-AD9C-02BE0871FA3B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2002:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C619E79B-90FB-4812-B0F3-115B47498492"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2002:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "EC893353-909C-49A8-8C3A-AD325C1D365D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F79E0AB-7081-4F97-BFE4-9AF84F643B9A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "9AED7433-3C95-4868-B05D-244149E0E33E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:2004:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "B29EBC56-422C-45DF-B241-FA3EF1F7A8EE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel:x:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "DA71E158-6D0A-4BEF-8471-FE5C864E7073"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://securitytracker.com/id?1016472",
      "source": "secure@microsoft.com"
    },
    {
      "url": "http://secway.org/advisory/AD20060711.txt",
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/archive/1/439884/100/0/threaded",
      "source": "secure@microsoft.com"
    },
    {
      "url": "http://www.securityfocus.com/bid/18886",
      "source": "secure@microsoft.com",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2006/2755",
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-037",
      "source": "secure@microsoft.com"
    },
    {
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A950",
      "source": "secure@microsoft.com"
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2006-1306",`
			`"sourceIdentifier": "secure@microsoft.com",`
			`"published": "2006-07-13T21:05:00.000",`
			`"lastModified": "2018-10-18T16:32:02.747",`
			`"vulnStatus": "Modified",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka \"Malformed OBJECT record Vulnerability.\""`
			`},`
			`{`
			`"lang": "es",`
			`"value": "Microsoft Excel 2000 a 2004 permite a atacantes con implicaci\u00f3n del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero .xls con un registro BIFF artesanal con un \u00edndice de array controlado por el atacante que es usado para un puntero a funci\u00f3n, tcc \"Vulnerabilidad de registro OBJECT malformado\"."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",`
			`"accessVector": "NETWORK",`
			`"accessComplexity": "MEDIUM",`
			`"authentication": "NONE",`
			`"confidentialityImpact": "COMPLETE",`
			`"integrityImpact": "COMPLETE",`
			`"availabilityImpact": "COMPLETE",`
			`"baseScore": 9.3`
			`},`
			`"baseSeverity": "HIGH",`
			`"exploitabilityScore": 8.6,`
			`"impactScore": 10.0,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": true,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": false,`
			`"userInteractionRequired": true`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-94"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2000:::::::*",`
			`"matchCriteriaId": "F55D42D5-7371-47C2-BF55-B7F51C19B61E"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2000:sp2::::::",`
			`"matchCriteriaId": "D4FBEB90-1BF2-4E84-9A74-EAD226AAA0A2"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2000:sp3::::::",`
			`"matchCriteriaId": "439B26BA-376C-4D6B-B7BA-B66B8BDA8E37"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2000:sr1::::::",`
			`"matchCriteriaId": "27C6E1BC-406E-4B0B-B513-33226AC4482D"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2002:::::::*",`
			`"matchCriteriaId": "082D3262-87E3-4245-AD9C-02BE0871FA3B"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2002:sp1::::::",`
			`"matchCriteriaId": "C619E79B-90FB-4812-B0F3-115B47498492"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2002:sp2::::::",`
			`"matchCriteriaId": "EC893353-909C-49A8-8C3A-AD325C1D365D"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2002:sp3::::::",`
			`"matchCriteriaId": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2003:::::::*",`
			`"matchCriteriaId": "5F79E0AB-7081-4F97-BFE4-9AF84F643B9A"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2003:sp1::::::",`
			`"matchCriteriaId": "9AED7433-3C95-4868-B05D-244149E0E33E"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:2004::mac_os_x:::::",`
			`"matchCriteriaId": "B29EBC56-422C-45DF-B241-FA3EF1F7A8EE"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel:x::mac_os_x:::::",`
			`"matchCriteriaId": "DA71E158-6D0A-4BEF-8471-FE5C864E7073"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:::::::*",`
			`"matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "http://securitytracker.com/id?1016472",`
			`"source": "secure@microsoft.com"`
			`},`
			`{`
			`"url": "http://secway.org/advisory/AD20060711.txt",`
			`"source": "secure@microsoft.com",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
			`},`
			`{`
			`"url": "http://www.securityfocus.com/archive/1/439884/100/0/threaded",`
			`"source": "secure@microsoft.com"`
			`},`
			`{`
			`"url": "http://www.securityfocus.com/bid/18886",`
			`"source": "secure@microsoft.com",`
			`"tags": [`
			`"Patch"`
			`]`
			`},`
			`{`
			`"url": "http://www.vupen.com/english/advisories/2006/2755",`
			`"source": "secure@microsoft.com",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-037",`
			`"source": "secure@microsoft.com"`
			`},`
			`{`
			`"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A950",`
			`"source": "secure@microsoft.com"`
			`}`
			`]`
			`}`