Microsoft Office 2003 - Embedded Shockwave Flash Object Security Bypass

EDB-ID:

28087

CVE:

2006-3014

EDB Verified:

Author:

Debasis Mohanty

Type:

dos

Exploit:   /  

Platform:

Windows

Date:

2006-06-22

Vulnerable App: 
source: https://www.securityfocus.com/bid/18583/info

Microsoft Office is prone to a weakness that may allow remote attackers to execute arbitrary script code contained in Shockwave Flash Objects without first requiring confirmation from users.

A successful attack may allow attackers to access sensitive information and potentially execute malicious commands on a vulnerable computer.

The researcher responsible for discovering this issue has indicated that it presents itself on Windows 2003 SP1, Windows XP Professional Edition SP1 and SP2 running Microsoft Office 2003, and Windows 2000 Professional running Microsoft Office 2003. Other versions may be vulnerable as well.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/28087.zip
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services