CVE-2006-0002

Published Jan 10, 2006

Last updated a month ago

CVSS info 7.5

Overview

Description: Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation.
Source: secure@microsoft.com
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:5.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D823C88E-8560-469B-8655-4755E0484F14"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:5.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9D2B014-7D83-44D6-8F6D-2979ECF7B0FD"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:5.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D746A67B-FB0D-4DD9-8345-3DD3B02D3B1A"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:5.5:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4F9C143-4734-4E5D-9281-F51513C5CAAF"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:5.5:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD3E2F18-A369-4767-ACEF-38DB40EEC6D4"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:5.5:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC01670D-4550-4034-86A5-7879B6334241"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:5.5:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B80A57A1-7B9F-4C07-ADAA-DBC4687F1EFC"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:5.5:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3983529-F4E3-4883-97AF-5BFC87AC3E86"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E88E31D4-1120-4A18-BA65-E2C96B35E599"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4891122F-AD7F-45E6-98C6-833227916F6B"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EED9D78-AE73-44BA-A1CE-603994E92E89"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:outlook:2000:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBE43EAE-9397-44E4-AE3D-44CEA47699DA"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:outlook:2002:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACCF73A2-FFD7-41E0-B1BF-E5B4590F51FF"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3189982-F780-4AC2-9663-E6D4DF9DD319"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References