CVE-2006-3864

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office; Project; Visio
Vendor: CVE Published:; 10 October 2006

Summary

Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an "array boundary condition" (possibly an array index overflow), a different vulnerability than CVE-2006-3434, CVE-2006-3650, and CVE-2006-3868.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.securityfocus.com/archive/1/449179/100/0/threaded

vendor-advisoryx_refsource_HP

http://www.vupen.com/english/advisories/2006/3981

vdb-entryx_refsource_VUPEN

EPSS Score

92% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 10, 2006
Vulnerability Reserved
Jul 26, 2006

Collectors

NVD DatabaseMitre Database