5.1

CVE-2006-3590

mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftPowerpoint Version2000
MicrosoftPowerpoint Version2002
MicrosoftPowerpoint Version2003
MicrosoftPowerpoint Version2003 Updatesp1
MicrosoftPowerpoint Version2003 Updatesp2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 14.26% 0.961
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.us-cert.gov/cas/techalerts/TA06-220A.html
US Government Resource
http://blogs.securiteam.com/?p=508
http://isc.sans.org/diary.php?storyid=1484
http://secunia.com/advisories/21040
Vendor Advisory
http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html
http://securitytracker.com/id?1016496
http://www.kb.cert.org/vuls/id/936945
US Government Resource
http://www.osvdb.org/27324
http://www.securityfocus.com/archive/1/440137/100/0/threaded
http://www.securityfocus.com/archive/1/440255/100/0/threaded
http://www.securityfocus.com/archive/1/440532/100/0/threaded
http://www.securityfocus.com/bid/18957
http://www.vupen.com/english/advisories/2006/2795
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048
https://exchange.xforce.ibmcloud.com/vulnerabilities/27740
https://exchange.xforce.ibmcloud.com/vulnerabilities/27781
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399