CVE-2005-4131

Published: Dec 9, 2005Modified: Apr 16, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538.

Affected (14)

Products: Microsoft: Excel

1 product

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Microsoft Excel	Version 2000
Microsoft Excel	Version 2000 sp2
Microsoft Excel	Version 2000 sp3
Microsoft Excel	Version 2000 sr1
Microsoft Excel	Version 2002
Microsoft Excel	Version 2002 sp1
Microsoft Excel	Version 2002 sp2
Microsoft Excel	Version 2002 sp3
Microsoft Excel	Version 2003
Microsoft Excel	Version 2003 sp1
Microsoft Excel	Version 95
Microsoft Excel	Version 97
Microsoft Excel	Version 97 sr1
Microsoft Excel	Version 97 sr2

References (50)

http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=7203336538

Source: cve@mitre.org

http://informationweek.com/story/showArticle.jhtml?articleID=174910198

Source: cve@mitre.org

http://news.com.com/2061-10789_3-5988086.html

Source: cve@mitre.org

http://news.zdnet.com/2100-1009_22-5989078.html

Source: cve@mitre.org

http://secunia.com/advisories/19138

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/19238

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/584

Source: cve@mitre.org

http://securityreason.com/securityalert/591

Source: cve@mitre.org

http://securitytracker.com/id?1015333

Source: cve@mitre.org

http://securitytracker.com/id?1015766

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm

Source: cve@mitre.org

http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/

Source: cve@mitre.org

http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/642428

Source: cve@mitre.org

US Government Resource

http://www.osvdb.org/blog/?p=71

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/427635/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/427698/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/15780

Source: cve@mitre.org

Patch

http://www.securityfocus.com/news/11363

Source: cve@mitre.org

http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html

Source: cve@mitre.org

http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/

Source: cve@mitre.org

http://www.us-cert.gov/cas/techalerts/TA06-073A.html

Source: cve@mitre.org

US Government Resource

http://www.vupen.com/english/advisories/2006/0950

Source: cve@mitre.org

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/23537

Source: cve@mitre.org

http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=7203336538

Source: af854a3a-2127-422b-91ae-364da2661108

http://informationweek.com/story/showArticle.jhtml?articleID=174910198

Source: af854a3a-2127-422b-91ae-364da2661108

http://news.com.com/2061-10789_3-5988086.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://news.zdnet.com/2100-1009_22-5989078.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19138

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/19238

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/584

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/591

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1015333

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1015766

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.dicks-blog.com/archives/2005/12/08/excel-vulnerability-for-sale/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.eweek.com/article2/0%2C1759%2C1899697%2C00.asp?kc=EWRSS03129TX1K0000614

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/642428

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.osvdb.org/blog/?p=71

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/427635/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/427698/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15780

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/news/11363

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.theage.com.au/news/breaking/excel-flaw-up-for-sale-on-ebay/2005/12/09/1134086783318.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.theregister.co.uk/2005/12/10/ebay_pulls_excel_vulnerability_auction/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA06-073A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2006/0950

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/23537

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.