exploitDog

CVE-2006-2389

Опубликовано: 11 июл. 2006

Источник: nvd

CVSS2: 9.3

EPSS Высокий

Описание

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office Property Vulnerability," a different vulnerability than CVE-2006-1316.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*

cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.74233

Высокий

9.3 Critical

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-mc3v-59x4-8r59

github

почти 4 года назад

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office Property Vulnerability," a different vulnerability than CVE-2006-1316.

EPSS

Процентиль: 99%

0.74233

Высокий

9.3 Critical

CVSS2

Дефекты

CWE-94