Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2006-3435

Опубликовано: 10 окт. 2006
Источник: nvd
CVSS2: 9.3
EPSS Средний

Описание

PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilities including CVE-2006-4694.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:office:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2000:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2000:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:v.x:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*

EPSS

Процентиль: 98%
0.46603
Средний

9.3 Critical

CVSS2

Дефекты

CWE-94

Связанные уязвимости

github логотип

GHSA-rrw4-gpgf-m865

github
почти 4 года назад

PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilities including CVE-2006-4694.

EPSS

Процентиль: 98%
0.46603
Средний

9.3 Critical

CVSS2

Дефекты

CWE-94