Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-3650
HistoryOct 10, 2006 - 10:07 p.m.

CVE-2006-3650

2006-10-1022:07:00
CWE-94
[email protected]
web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.841 High

EPSS

Percentile

98.5%

JSON

Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a chart record, which allows remote user-assisted attackers to execute arbitrary code via a Word document with an embedded malformed chart record that triggers an overwrite of pointer values with values from the document, a different vulnerability than CVE-2006-3434, CVE-2006-3864, and CVE-2006-3868.

Affected configurations

NVD
Node
microsoftofficeMatch2000
OR
microsoftofficeMatch2000ja
OR
microsoftofficeMatch2000ko
OR
microsoftofficeMatch2000zh
OR
microsoftofficeMatch2000sp1
OR
microsoftofficeMatch2000sp2
OR
microsoftofficeMatch2000sp3
OR
microsoftofficeMatch2001
OR
microsoftofficeMatch2001mac_os
OR
microsoftofficeMatch2001sr1mac_os
OR
microsoftofficeMatch2003
OR
microsoftofficeMatch2003sp1
OR
microsoftofficeMatch2003sp2
OR
microsoftofficeMatch2003sp3
OR
microsoftofficeMatch2004mac_os
OR
microsoftofficeMatchv.x

Related

cve 4
cvelist 4
securityvulns 3
nessus 2
nvd 3
cert 4
zdi 1
cve
cve
CVE-2006-3864
2006-10-10 22:07:00
CVE-2006-3650
2006-10-10 22:07:00
CVE-2006-3434
2006-10-10 22:07:00
cvelist
cvelist
CVE-2006-3650
2006-10-10 22:00:00
CVE-2006-3864
2006-10-10 22:00:00
CVE-2006-3434
2006-10-10 22:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS06-062 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
2006-10-11 00:00:00
ZDI-06-034: Microsoft Office Word Malformed Chart Code Execution Vulnerability
2006-10-11 00:00:00
Microsoft Office Malformed Record Memory Corruption Vulnerability
2006-10-11 00:00:00
nessus
nessus
MS06-062: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
2006-10-10 00:00:00
MS06-058 / MS06-059 / MS06-0060 / MS06-062: Vulnerabilities in Microsoft Office Allow Remote Code Execution (924163 / 924164 / 924554 / 922581) (Mac OS X)
2006-10-11 00:00:00
nvd
nvd
CVE-2006-3864
2006-10-10 22:07:00
CVE-2006-3434
2006-10-10 22:07:00
CVE-2006-3868
2006-10-10 22:07:00
cert
cert
Microsoft Office fails to properly parse malformed strings
2006-10-11 00:00:00
Microsoft Office fails to properly parse malformed Smart Tags
2006-10-11 00:00:00
Microsoft Office fails to properly parse malformed chart records
2006-10-11 00:00:00
zdi
zdi
Microsoft Word Malformed Chart Code Execution Vulnerability
2006-10-10 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.841 High

EPSS

Percentile

98.5%

JSON
Related for NVD:CVE-2006-3650
cve4cvelist4securityvulns3nessus2nvd3cert4zdi1