Memory Corruption Vulnerability in Microsoft Office Products
CVE-2006-3864

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office; Project; Visio
Vendor: CVE Published:; 10 October 2006

Summary

The vulnerability in mso.dll affects various versions of Microsoft Office and PowerPoint, allowing remote user-assisted attackers to execute arbitrary code. This can occur through malformed documents, such as .DOC, .PPT, or .XLS files, leading to potential memory corruption due to an array boundary condition issue. Safe handling of these file types is crucial to mitigate the risk associated with this vulnerability.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.securityfocus.com/archive/1/449179/100/0/threaded

vendor-advisoryx_refsource_HP

http://www.vupen.com/english/advisories/2006/3981

vdb-entryx_refsource_VUPEN

EPSS Score

45% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 10, 2006
Vulnerability Reserved
Jul 26, 2006