CVE-2006-7037

Current Description

Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext.

Basic Data

Published: February 23, 2007
Last Modified: October 16, 2018
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: NVD-CWE-Other
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS 2 - Access Vector: LOCAL
CVSS 2 - Access Complexity: MEDIUM
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: PARTIAL
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 4.4
Severity: MEDIUM
Exploitability Score: 3.4
Impact Score: 6.4
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: true

Base Metric V3

No data provided.

Configurations

  • AND
    • OR - Configuration 1
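      | Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
      |---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
      | 2.3 | OS | Microsoft | Windows 2000 | * | * | * | * | * | * | * | * | | | | |
      | 2.3 | OS | Microsoft | Windows 2003 Server | sp2 | * | * | * | * | * | * | * | | | | |
      | 2.3 | OS | Microsoft | Windows 95 | * | * | * | * | * | * | * | * | | | | |
      | 2.3 | OS | Microsoft | Windows 98 | * | gold | * | * | * | * | * | * | | | | |
      | 2.3 | OS | Microsoft | Windows 98se | * | * | * | * | * | * | * | * | | | | |
      | 2.3 | OS | Microsoft | Windows Me | * | * | * | * | * | * | * | * | | | | |
      | 2.3 | OS | Microsoft | Windows Nt | 4.0 | * | * | * | * | * | * | * | | | | |
      | 2.3 | OS | Microsoft | Windows Xp | * | gold | * | * | * | * | * | * | | | | |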
    • OR Running on/with:
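      | Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
      |---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
      | 2.3 | Application | Mathsoft | Mathcad | 12 | * | * | * | * | * | * | * | | | | |
      | 2.3 | Application | Mathsoft | Mathcad | 13 | * | * | * | * | * | * | * | | | | |
      | 2.3 | Application | Mathsoft | Mathcad | 13.1 | * | * | * | * | * | * | * | | | | |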

Vulnerable Software List

| Vendor | Product | Versions |
|---|---|---|
| Mathsoft | Mathcad | 12, 13, 13.1 |

References

| Name | Source | URL | Tags |
|---|---|---|---|
| 2305 | SREASON | http://securityreason.com/securityalert/2305 | |
| 20060608 Mathcad Area Lock Vulnerability | BUGTRAQ | http://www.securityfocus.com/archive/1/436441/30/4560/threaded | |
| mathcad-area-password-security-bypass(27115) | XF | https://exchange.xforce.ibmcloud.com/vulnerabilities/27115 | |
| mathcad-timestamp-security-bypass(27116) | XF | https://exchange.xforce.ibmcloud.com/vulnerabilities/27116 | |
| mathcad-islocked-security-bypass(27117) | XF | https://exchange.xforce.ibmcloud.com/vulnerabilities/27117 | |
| mathcad-locked-area-security-bypass(27118) | XF | https://exchange.xforce.ibmcloud.com/vulnerabilities/27118 | |