CVSS: 9.3EPSS: 8%CPEs: 35EXPL: 0CVE-2006-3877
https://notcve.org/view.php?id=CVE-2006-3877
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. Vulnerabilidad no especificada en PowerPoint en Microsoft Office 2000, Office 2002, Office 2003, Office 2004 para Mac, y Office v.X para Mac permite a atacantes con la intervención del usuario ejecutar código de su elección mediante un "fichero artesanal" no especificado, una vulnerabilidad diferente que CVE-2006-3435, CVE-2006-4694, y CVE-2006-3876. • http://securitytracker.com/id?1017030 http://www.kb.cert.org/vuls/id/205948 http://www.osvdb.org/29448 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20325 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2006/3977 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015 https& • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-2006-3449
https://notcve.org/view.php?id=CVE-2006-3449
Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attackers to execute arbitrary commands via a malformed record in the BIFF file format used in a PPT file, a different issue than CVE-2006-1540, aka "Microsoft PowerPoint Malformed Record Vulnerability." Vulnerabilidad no especificada en Microsoft PowerPoint 2000 hasta 2003, posiblemenet un desbordamiento de búfer, permite a atacantes remotos con intervención del usuario ejecutar comandos de su elección mediante un registro mal formado en el formato de archivo BIFF utilizado en un archivo PPT, un problema distinto de CVE-2006-1540, también conocido como "Vulnerabilidad de Registro Mal Formado de Microsoft PowerPoint" ("Microsoft PowerPoint Malformed Record Vulnerability"). • http://securityreason.com/securityalert/1342 http://securitytracker.com/id?1016657 http://secway.org/advisory/AD20060808.txt http://www.kb.cert.org/vuls/id/884252 http://www.securityfocus.com/archive/1/442592/100/0/threaded http://www.securityfocus.com/bid/19341 http://www.us-cert.gov/cas/techalerts/TA06-220A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3 •
CVSS: 5.1EPSS: 88%CPEs: 3EXPL: 2CVE-2006-3655 – Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution
https://notcve.org/view.php?id=CVE-2006-3655
Unspecified vulnerability in mso.dll in Microsoft PowerPoint 2003 allows user-assisted attackers to execute arbitrary code via a crafted PowerPoint file. NOTE: due to the lack of available details as of 20060717, it is unclear how this is related to CVE-2006-3656, CVE-2006-3660, and CVE-2006-3590, although it is possible that they are all different. Vulnerabilidad no especificada en mso.dll en Microsoft PowerPoint 2003 permite a atacantes con la intervención del usuario ejecutar código de su elección a través de un archivo PowerPoint manipulado. NOTA: Debido a la falta de detalles disponibles en fecha 20060717, es confuso cómo esto se relaciona con CVE-2006-3656, CVE-2006-3660, y CVE-2006-3590, aunque es posible que sean todos diferentes. • https://www.exploit-db.com/exploits/28224 http://secunia.com/advisories/21061 http://www.osvdb.org/27325 http://www.securityfocus.com/archive/1/440107/100/0/threaded http://www.securityfocus.com/archive/1/440370/100/0/threaded http://www.securityfocus.com/archive/1/440867/100/0/threaded http://www.securityfocus.com/bid/18993 http://www.vupen.com/english/advisories/2006/2815 https://exchange.xforce.ibmcloud.com/vulnerabilities/27781 •
CVSS: 2.6EPSS: 78%CPEs: 3EXPL: 2CVE-2006-3656 – Microsoft PowerPoint 2003 - '.ppt' File Closure Memory Corruption
https://notcve.org/view.php?id=CVE-2006-3656
Unspecified vulnerability in Microsoft PowerPoint 2003 allows user-assisted attackers to cause memory corruption via a crafted PowerPoint file, which triggers the corruption when the file is closed. NOTE: due to the lack of available details as of 20060717, it is unclear how this is related to CVE-2006-3655, CVE-2006-3660, and CVE-2006-3590, although it is possible that they are all different. Vulnerabilidad no especificada en Microsoft PowerPoint 2003 permite a atacantes con la complicidad del usuario provocar una corrupción de memoria mediante un fichero PowerPoint manipulado artesanalmente, lo cual provoca la corrupción al cerrar el fichero. NOTA: debido a la falta de detalles disponibles desde el 17/07/2007, no está claro como esto está relacionado con CVE-2006-3655, CVE-2006-3660, y CVE-2006-3590, aunque es posible que todas ellas sean diferentes. • https://www.exploit-db.com/exploits/28226 http://downloads.securityfocus.com/vulnerabilities/exploits/PP2003sp2patched_fr_exploit-method.txt http://packetstormsecurity.org/0607-exploits/mspp-poc3.txt http://secunia.com/advisories/21061 http://www.securityfocus.com/archive/1/440108/100/0/threaded http://www.securityfocus.com/archive/1/440370/100/0/threaded http://www.securityfocus.com/archive/1/440867/100/0/threaded http://www.securityfocus.com/bid/18993 http://www.securityfocus.com/bid/ •
CVSS: 7.6EPSS: 47%CPEs: 3EXPL: 3CVE-2006-3660 – Microsoft PowerPoint 2003 - 'powerpnt.exe' Remote Overflow
https://notcve.org/view.php?id=CVE-2006-3660
Unspecified vulnerability in Microsoft PowerPoint 2003 has unknown impact and user-assisted attack vectors related to powerpnt.exe. NOTE: due to the lack of available details as of 20060717, it is unclear how this is related to CVE-2006-3655, CVE-2006-3656, and CVE-2006-3590, although it is possible that they are all different. Vulnerabilidad no especificada en Microsoft PowerPoint 2003 tiene impacto desconocido y vectores de ataque con intervención del usuario relacionados con powerpnt.exe. NOTA: debido a la falta de detalles disponibles a fecha de 17/07/2006, no está claro cómo está relacionado con CVE-2006-3655, CVE-2006-3656, y CVE-2006-3590, aunque es posible que sean todas diferentes. • https://www.exploit-db.com/exploits/28225 http://secunia.com/advisories/21061 http://www.securityfocus.com/archive/1/440106/30/30/threaded http://www.securityfocus.com/archive/1/440370/100/0/threaded http://www.securityfocus.com/archive/1/440867/100/0/threaded http://www.securityfocus.com/bid/18993 http://www.vupen.com/english/advisories/2006/2815 https://exchange.xforce.ibmcloud.com/vulnerabilities/27783 •