9.3

CVE-2006-3647

Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word document, which overflows a 16-bit integer length value, aka "Memmove Code Execution," a different vulnerability than CVE-2006-3651 and CVE-2006-4693.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftOffice Version2000
MicrosoftOffice Version2000 Langja
MicrosoftOffice Version2000 Langko
MicrosoftOffice Version2000 Langzh
MicrosoftOffice Version2000 Updatesp1
MicrosoftOffice Version2000 Updatesp2
MicrosoftOffice Version2000 Updatesp3
MicrosoftOffice Version2001
MicrosoftOffice Version2001 SwPlatformmac_os_x
MicrosoftOffice Version2001 Updatesr1 SwPlatformmac_os_x
MicrosoftOffice Version2003 SwEditionstudent_teacher
MicrosoftOffice Version2003 Updatesp1
MicrosoftOffice Version2003 Updatesp2
MicrosoftOffice Version2003 Updatesp3
MicrosoftOffice Version2004 SwPlatformmac_os_x
MicrosoftOffice Versionv.x
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.13% 0.928
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
http://securitytracker.com/id?1017032
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/20341
Third Party Advisory
VDB Entry