Vulnerability Details : CVE-2006-0003
Public exploit exists!
Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors.
Vulnerability category: Execute code
Products affected by CVE-2006-0003
- cpe:2.3:a:microsoft:data_access_components:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:data_access_components:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:data_access_components:2.5:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:data_access_components:2.8:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:data_access_components:2.8:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:data_access_components:2.7:sp1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-0003
95.57%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2006-0003
-
MS06-014 Microsoft Internet Explorer COM CreateObject Code Execution
Disclosure Date: 2006-04-11First seen: 2020-04-26exploit/windows/browser/ie_createobjectThis module exploits a generic code execution vulnerability in Internet Explorer by abusing vulnerable ActiveX objects. Authors: - hdm <x@hdm.io>
CVSS scores for CVE-2006-0003
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.1
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
4.9
|
6.4
|
NIST |
References for CVE-2006-0003
-
http://www.securityfocus.com/archive/1/475104/100/100/threaded
-
http://www.us-cert.gov/cas/techalerts/TA06-101A.html
Third Party Advisory;US Government Resource
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1778
-
https://www.exploit-db.com/exploits/2052
-
http://www.securityfocus.com/archive/1/487219/100/200/threaded
-
http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf
-
http://www.securityfocus.com/archive/1/475490/100/100/threaded
-
http://www.kb.cert.org/vuls/id/234812
Third Party Advisory;US Government Resource
-
http://securitytracker.com/id?1015894
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-014
-
http://www.hitachi-support.com/security_e/vuls_e/HS06-013_e/01-e.html
-
http://www.hitachi-support.com/security_e/vuls_e/HS06-013_e/index-e.html
-
http://www.securityfocus.com/bid/17462
-
http://www.securityfocus.com/archive/1/487216/100/200/threaded
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/25006
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1204
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1511
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1323
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/29915
-
http://www.vupen.com/english/advisories/2006/1319
-
http://www.securityfocus.com/archive/1/475118/100/100/threaded
-
http://www.vupen.com/english/advisories/2006/2452
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1742
-
https://www.exploit-db.com/exploits/2164
-
http://www.securityfocus.com/bid/20797
-
http://www.securityfocus.com/archive/1/475108/100/100/threaded
Jump to