First published: Fri Feb 23 2007
Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 2000 | | |
Microsoft Windows Server 2003 | =sp2 | |
Microsoft Windows 9x | | |
Microsoft Windows 9x | =gold | |
Microsoft Windows 98 | | |
Microsoft Windows | | |
Microsoft Windows NT | =4.0 | |
Microsoft Windows XP | =gold | |
PTC Mathcad | =12 | |
PTC Mathcad | =13 | |
PTC Mathcad | =13.1 | |
CVE-2006-7037 is a moderate severity vulnerability that allows local users to bypass security features in Mathcad.
To fix CVE-2006-7037, ensure you update to a version of Mathcad that is not vulnerable, specifically versions after 13.1.
CVE-2006-7037 affects Mathsoft Mathcad versions 12, 13, and 13.1.
Attackers can bypass password protection by editing the XML representation of a worksheet in Mathcad.
Mathcad 14 and later versions are not affected by CVE-2006-7037.