5.1

CVE-2006-3493

Exploit

Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type.  NOTE: this issue was originally reported to allow code execution, but on 20060710 Microsoft stated that code execution is not possible, and the original researcher agrees.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftOffice Version2000
MicrosoftOffice Version2000 Updatesp1
MicrosoftOffice Version2000 Updatesp2
MicrosoftOffice Version2000 Updatesp3
MicrosoftOffice Version2003
MicrosoftOffice Version2003 Updatesp1
MicrosoftOffice Version2003 Updatesp2
MicrosoftOffice Version2003 Updatesp3
MicrosoftOffice Versionxp
MicrosoftOffice Versionxp Updatesp1
MicrosoftOffice Versionxp Updatesp2
MicrosoftOffice Versionxp Updatesp3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 57.69% 0.979
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P