CVE-2006-3014
Published 2006-06-22
Priority P431 · medium · 5.1 (CVSS 2.0)
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 30.10% (98.0th percentile)
Microsoft Excel allows user-assisted attackers to execute arbitrary JavaScript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet.
Detection & IOCs (extracted from sources)
- Detect Excel spreadsheets with embedded Shockwave Flash Player ActiveX Objects, which auto-execute on open and can run arbitrary JavaScript or redirect users to attacker-controlled sites.
- Monitor for Flash Player ActiveX Objects embedded within Office documents (e.g., .xls files) executing script content without user confirmation prompts.
- The vulnerability affects Windows 2003 SP1, Windows XP Professional SP1/SP2, and Windows 2000 Professional, all running Microsoft Office 2003; other versions may also be vulnerable.
- CVE-2006-3014 is Windows-platform specific and is distinct from the related Flash Player input validation CVEs (CVE-2006-3311, CVE-2006-3587, CVE-2006-3588), which affect Flash Player 8.0.24.0 and earlier.
No detection rules found.
- http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0414.html
- http://hackingspirits.com/vuln-rnd/vuln-rnd.html
- http://secunia.com/advisories/21865
- http://secunia.com/advisories/22882
- http://securitytracker.com/id?1016344
- http://www.adobe.com/support/security/bulletins/apsb06-11.html
- http://www.securiteam.com/windowsntfocus/5TP0M0KIUA.html
- http://www.securityfocus.com/bid/18583
- http://www.securityfocus.com/bid/19980
- http://www.us-cert.gov/cas/techalerts/TA06-318A.html
- http://www.vupen.com/english/advisories/2006/3573
- http://www.vupen.com/english/advisories/2006/3577
- http://www.vupen.com/english/advisories/2006/4507
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-069
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27312
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A538