9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.507 Medium
EPSS
Percentile
97.5%
Added: 01/17/2007
CVE: CVE-2006-3876
BID: 20322
OSVDB: 29447
Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite.
Improper handling of malformed Data records in PowerPoint files allows command execution.
Apply the patch referenced in Microsoft Security Bulletin 06-058.
<http://www.kb.cert.org/vuls/id/938196>
<http://www.microsoft.com/technet/security/Bulletin/MS06-058.mspx>
Exploit works on Microsoft PowerPoint 2000 SR-1 (9.0.3821). Exploit requires a user to open the exploit file in Microsoft PowerPoint.
Windows