CVE-2006-3014

Publication date 22 June 2006

Last updated 17 July 2025

Ubuntu priority

Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
flashplugin-nonfree	9.10 karmic	Fixed 7.0.68~ubuntu3
	9.04 jaunty	Fixed 7.0.68~ubuntu3
	8.10 intrepid	Fixed 7.0.68~ubuntu3
	8.04 LTS hardy	Fixed 7.0.68~ubuntu3
	7.10 gutsy	Fixed 7.0.68~ubuntu3
	7.04 feisty	Fixed 9.0.48.0.0ubuntu1~7.04.1
	6.10 edgy	Fixed 7.0.68~ubuntu3
	6.06 LTS dapper	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2006-3014