[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

251782

 
 

909

 
 

196543

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-2492Date: (C)2006-05-19   (M)2023-12-22


Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.6
Exploit Score: 4.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1016130
BID-18037
SECUNIA-20153
OSVDB-25635
ADV-2006-1872
MS06-027
TA06-139A
TA06-164A
VU#446012
http://blogs.technet.com/msrc/archive/2006/05/19/429353.aspx
http://isc.sans.org/diary.php?storyid=1345
http://isc.sans.org/diary.php?storyid=1346
http://www.microsoft.com/technet/security/advisory/919637.mspx
oval:org.mitre.oval:def:1418
oval:org.mitre.oval:def:1738
oval:org.mitre.oval:def:2068
word-code-execution(26556)

CPE    1
cpe:/a:microsoft:word:2003
OVAL    3
oval:org.mitre.oval:def:1738
oval:org.mitre.oval:def:1418
oval:org.mitre.oval:def:2068

© SecPod Technologies