9.3

CVE-2006-0033

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted PNG image that triggers memory corruption when it is parsed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftOffice Version2000 Updatesp3
MicrosoftOffice Version2003 Updatesp1
MicrosoftOffice Version2003 Updatesp2
MicrosoftOffice Versionxp Updatesp3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 15.23% 0.963
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.us-cert.gov/cas/techalerts/TA06-192A.html
US Government Resource
http://secunia.com/advisories/21013
Vendor Advisory
http://securitytracker.com/id?1016470
http://www.vupen.com/english/advisories/2006/2757
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-039
http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-22.html
http://www.kb.cert.org/vuls/id/459388
US Government Resource
http://www.osvdb.org/27147
http://www.securityfocus.com/bid/18913
Patch
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A163