Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-3864
HistoryOct 10, 2006 - 10:07 p.m.

CVE-2006-3864

2006-10-1022:07:00
CWE-94
[email protected]
web.nvd.nist.gov
33
cve-2006-3864
microsoft office
mso.dll
remote code execution
memory corruption

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.841 High

EPSS

Percentile

98.5%

JSON

Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an “array boundary condition” (possibly an array index overflow), a different vulnerability than CVE-2006-3434, CVE-2006-3650, and CVE-2006-3868.

Affected configurations

NVD
Node
microsoftofficeMatch2000sp3
OR
microsoftofficeMatch2003sp1
OR
microsoftofficeMatch2003sp2
OR
microsoftofficeMatch2004mac
OR
microsoftofficeMatchv.xmac
OR
microsoftofficeMatchxpsp3
OR
microsoftprojectMatch2000sr1
OR
microsoftprojectMatch2002sp1
OR
microsoftvisioMatch2002sp2

Related

cve 3
nessus 2
nvd 4
securityvulns 3
cvelist 4
cert 4
zdi 1
cve
cve
CVE-2006-3650
2006-10-10 22:07:00
CVE-2006-3434
2006-10-10 22:07:00
CVE-2006-3868
2006-10-10 22:07:00
nessus
nessus
MS06-062: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
2006-10-10 00:00:00
MS06-058 / MS06-059 / MS06-0060 / MS06-062: Vulnerabilities in Microsoft Office Allow Remote Code Execution (924163 / 924164 / 924554 / 922581) (Mac OS X)
2006-10-11 00:00:00
nvd
nvd
CVE-2006-3650
2006-10-10 22:07:00
CVE-2006-3864
2006-10-10 22:07:00
CVE-2006-3434
2006-10-10 22:07:00
securityvulns
securityvulns
Microsoft Security Bulletin MS06-062 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
2006-10-11 00:00:00
Microsoft Office Malformed Record Memory Corruption Vulnerability
2006-10-11 00:00:00
ZDI-06-034: Microsoft Office Word Malformed Chart Code Execution Vulnerability
2006-10-11 00:00:00
cvelist
cvelist
CVE-2006-3650
2006-10-10 22:00:00
CVE-2006-3864
2006-10-10 22:00:00
CVE-2006-3434
2006-10-10 22:00:00
cert
cert
Microsoft Office fails to properly parse malformed records
2006-10-11 00:00:00
Microsoft Office fails to properly parse malformed strings
2006-10-11 00:00:00
Microsoft Office fails to properly parse malformed Smart Tags
2006-10-11 00:00:00
zdi
zdi
Microsoft Word Malformed Chart Code Execution Vulnerability
2006-10-10 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.841 High

EPSS

Percentile

98.5%

JSON
Related for CVE-2006-3864
cve3nessus2nvd4securityvulns3cvelist4cert4zdi1