CVE-2006-3493 (GCVE-0-2006-3493)

Vulnerability from cvelistv5 – Published: 2006-07-10 22:00 – Updated: 2024-08-07 18:30
VLAI
Summary
Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type. NOTE: this issue was originally reported to allow code execution, but on 20060710 Microsoft stated that code execution is not possible, and the original researcher agrees.
Severity
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public
2006-07-07 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:30:33.996Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "18905",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18905"
          },
          {
            "name": "20060710 MS Word Unchecked Boundary Condition Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/439649/100/0/threaded"
          },
          {
            "name": "1016453",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016453"
          },
          {
            "name": "20060707 MS Word Unchecked Boundary Condition Vulnerability - POC",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047732.html"
          },
          {
            "name": "ADV-2006-2720",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2720"
          },
          {
            "name": "20060707 MS Word Unchecked Boundary Condition",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=115231380526820\u0026w=2"
          },
          {
            "name": "20060711 Fuzzing Microsoft Office",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=115261598510657\u0026w=2"
          },
          {
            "name": "office-lscreateline-dos(27617)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27617"
          },
          {
            "name": "20060711 Fuzzing Microsoft Office",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/439878/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/msrc/archive/2006/07/10/441006.aspx"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type.  NOTE: this issue was originally reported to allow code execution, but on 20060710 Microsoft stated that code execution is not possible, and the original researcher agrees."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "18905",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18905"
        },
        {
          "name": "20060710 MS Word Unchecked Boundary Condition Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/439649/100/0/threaded"
        },
        {
          "name": "1016453",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016453"
        },
        {
          "name": "20060707 MS Word Unchecked Boundary Condition Vulnerability - POC",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047732.html"
        },
        {
          "name": "ADV-2006-2720",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2720"
        },
        {
          "name": "20060707 MS Word Unchecked Boundary Condition",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=115231380526820\u0026w=2"
        },
        {
          "name": "20060711 Fuzzing Microsoft Office",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=115261598510657\u0026w=2"
        },
        {
          "name": "office-lscreateline-dos(27617)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27617"
        },
        {
          "name": "20060711 Fuzzing Microsoft Office",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/439878/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blogs.technet.com/msrc/archive/2006/07/10/441006.aspx"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3493",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type.  NOTE: this issue was originally reported to allow code execution, but on 20060710 Microsoft stated that code execution is not possible, and the original researcher agrees."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "18905",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18905"
            },
            {
              "name": "20060710 MS Word Unchecked Boundary Condition Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/439649/100/0/threaded"
            },
            {
              "name": "1016453",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016453"
            },
            {
              "name": "20060707 MS Word Unchecked Boundary Condition Vulnerability - POC",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047732.html"
            },
            {
              "name": "ADV-2006-2720",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2720"
            },
            {
              "name": "20060707 MS Word Unchecked Boundary Condition",
              "refsource": "FULLDISC",
              "url": "http://marc.info/?l=full-disclosure\u0026m=115231380526820\u0026w=2"
            },
            {
              "name": "20060711 Fuzzing Microsoft Office",
              "refsource": "FULLDISC",
              "url": "http://marc.info/?l=full-disclosure\u0026m=115261598510657\u0026w=2"
            },
            {
              "name": "office-lscreateline-dos(27617)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27617"
            },
            {
              "name": "20060711 Fuzzing Microsoft Office",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/439878/100/0/threaded"
            },
            {
              "name": "http://blogs.technet.com/msrc/archive/2006/07/10/441006.aspx",
              "refsource": "MISC",
              "url": "http://blogs.technet.com/msrc/archive/2006/07/10/441006.aspx"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3493",
    "datePublished": "2006-07-10T22:00:00.000Z",
    "dateReserved": "2006-07-10T00:00:00.000Z",
    "dateUpdated": "2024-08-07T18:30:33.996Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2006-3493",
      "date": "2026-05-31",
      "epss": "0.57694",
      "percentile": "0.98203"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9A82D13-513C-46FA-AF51-0582233E230A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2000:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C54DDAF-8D7F-4A7D-9186-6048D4C850B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2000:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"67388076-420D-4327-A436-329177EA6F42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"4891122F-AD7F-45E6-98C6-833227916F6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB7EA4CC-E705-42DB-86B6-E229DA36B66D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EED9D78-AE73-44BA-A1CE-603994E92E89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"07D3F3E4-93FB-481A-94D9-075E726697C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34FA62BE-D804-402D-9BDD-68BC70ECCD76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:xp:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AB85A3C-EFA3-485D-84C5-7976718AEAE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:xp:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D02D769-061D-44A5-B019-F4E653DF615A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"79BA1175-7F02-4435-AEA6-1BA8AADEB7EF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type.  NOTE: this issue was originally reported to allow code execution, but on 20060710 Microsoft stated that code execution is not possible, and the original researcher agrees.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer en la funci\\u00f3n LsCreateLine (mso_203) en mso.dll y mso9.dll, tal como se utiliza en Microsoft Word y posiblemente en otros productos en Microsoft Office 2003, 2002 y 2000, permite a atacantes remotos asistidos por usuario provocar una denegaci\\u00f3n de servicio (ca\\u00edda) a trav\\u00e9s de un documento Word manipulado u otro tipo de archivo Office. NOTA: este problema fue originalmente reportado para permitir ejecuci\\u00f3n de c\\u00f3digo, pero el 10-07-2006 Microsoft declar\\u00f3 que la ejecuci\\u00f3n de c\\u00f3digo no es posible y el investigador original est\\u00e1 de acuerdo.\"}]",
      "id": "CVE-2006-3493",
      "lastModified": "2024-11-21T00:13:44.910",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:P/I:P/A:P\", \"baseScore\": 5.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 4.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": true, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2006-07-10T22:05:00.000",
      "references": "[{\"url\": \"http://blogs.technet.com/msrc/archive/2006/07/10/441006.aspx\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047732.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=full-disclosure\u0026m=115231380526820\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=full-disclosure\u0026m=115261598510657\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1016453\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/439649/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/439878/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/18905\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2720\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/27617\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://blogs.technet.com/msrc/archive/2006/07/10/441006.aspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047732.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=full-disclosure\u0026m=115231380526820\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=full-disclosure\u0026m=115261598510657\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1016453\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/439649/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/439878/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/18905\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2720\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/27617\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3493\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-07-10T22:05:00.000\",\"lastModified\":\"2026-04-16T00:27:16.627\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type.  NOTE: this issue was originally reported to allow code execution, but on 20060710 Microsoft stated that code execution is not possible, and the original researcher agrees.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer en la funci\u00f3n LsCreateLine (mso_203) en mso.dll y mso9.dll, tal como se utiliza en Microsoft Word y posiblemente en otros productos en Microsoft Office 2003, 2002 y 2000, permite a atacantes remotos asistidos por usuario provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un documento Word manipulado u otro tipo de archivo Office. NOTA: este problema fue originalmente reportado para permitir ejecuci\u00f3n de c\u00f3digo, pero el 10-07-2006 Microsoft declar\u00f3 que la ejecuci\u00f3n de c\u00f3digo no es posible y el investigador original est\u00e1 de acuerdo.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:P/A:P\",\"baseScore\":5.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9A82D13-513C-46FA-AF51-0582233E230A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2000:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C54DDAF-8D7F-4A7D-9186-6048D4C850B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2000:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"67388076-420D-4327-A436-329177EA6F42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4891122F-AD7F-45E6-98C6-833227916F6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB7EA4CC-E705-42DB-86B6-E229DA36B66D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EED9D78-AE73-44BA-A1CE-603994E92E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"07D3F3E4-93FB-481A-94D9-075E726697C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34FA62BE-D804-402D-9BDD-68BC70ECCD76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:xp:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AB85A3C-EFA3-485D-84C5-7976718AEAE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:xp:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D02D769-061D-44A5-B019-F4E653DF615A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"79BA1175-7F02-4435-AEA6-1BA8AADEB7EF\"}]}]}],\"references\":[{\"url\":\"http://blogs.technet.com/msrc/archive/2006/07/10/441006.aspx\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047732.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=full-disclosure\u0026m=115231380526820\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=full-disclosure\u0026m=115261598510657\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016453\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/439649/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/439878/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18905\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2720\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27617\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://blogs.technet.com/msrc/archive/2006/07/10/441006.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047732.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=full-disclosure\u0026m=115231380526820\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=full-disclosure\u0026m=115261598510657\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016453\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/439649/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/439878/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18905\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2720\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27617\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.