9.3

CVE-2006-6561

Exploit
Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and CVE-2006-6456.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftOffice Version2000 Updatesp3
MicrosoftOffice Version2003 Updatesp2
MicrosoftOffice Version2004 Editionmac
MicrosoftOffice Versionxp Updatesp3
MicrosoftWord Version2000
MicrosoftWord Version2002
MicrosoftWord Version2003
MicrosoftWord Viewer Version2003
MicrosoftWorks Version2004
MicrosoftWorks Version2005
MicrosoftWorks Version2006
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 40.2% 0.985
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://blogs.securiteam.com/?p=763
http://blogs.technet.com/msrc/archive/2006/12/15/update-on-current-word-vulnerability-reports.aspx
http://research.eeye.com/html/alerts/zeroday/20061212.html
Vendor Advisory
http://securitytracker.com/id?1017390
http://www.infoworld.com/article/06/12/13/HNthirdword_1.html
http://www.kb.cert.org/vuls/id/996892
Third Party Advisory
US Government Resource
http://www.milw0rm.com/sploits/12122006-djtest.doc
Exploit
http://www.securityfocus.com/archive/1/454219/30/0/threaded
Exploit
http://www.securityfocus.com/bid/21589
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4997
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30885
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A332