CVSS: 9.3EPSS: 96%CPEs: 11EXPL: 0CVE-2006-6456
https://notcve.org/view.php?id=CVE-2006-6456
Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994. Vulnerabilidad no especificada en Microsoft Word 2000, 2002, y 2003 y Word Viewer 2003 permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados relacionados con estructuras de datos mal formadas que disparan una corrupción de memoria, una vulnerabilidad distinta de CVE-2006-5994. • http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0199.html http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0215.html http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx http://isc.sans.org/diary.php?storyid=1925 http://secunia.com/advisories/23205 http://securitytracker.com/id?1017358 http://securitytracker.com/id?1017579 http://vil.mcafeesecurity.com/vil/content/v_141056.htm http://vil.mcafeesecurity.com/vil/content/v_ •
CVSS: 9.3EPSS: 83%CPEs: 11EXPL: 0CVE-2006-5994
https://notcve.org/view.php?id=CVE-2006-5994
Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word document with a malformed string that triggers memory corruption, a different vulnerability than CVE-2006-6456. Vulnerabilidad no especificada en Microsoft Word 2000 y 2002, Office Word y Word Viewer 2003, Word 2004 y 2004 v. X para Mac, y Works 2004, 2005, y 2006 permite a atacantes remotos ejecutar código de su elección mediante un documento Word con una cadena mal formada que provoca una corrupción de memoria, una vulnerabilidad diferente que CVE-2006-6456. • http://blogs.securiteam.com/?p=759 http://blogs.technet.com/msrc/archive/2006/12/06/microsoft-security-advisory-929433-posted.aspx http://secunia.com/advisories/23232 http://securitytracker.com/id?1017339 http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9005698&intsrc=hm_list http://www.kb.cert.org/vuls/id/167928 http://www.microsoft.com/technet/security/advisory/929433.mspx http://www.osvdb.org/30824 http://www.securityfocus.com/archive/1/453735/10 •
CVSS: 2.6EPSS: 33%CPEs: 1EXPL: 2CVE-2006-3653 – Microsoft Works 8.0 Spreadsheet - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-3653
wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files. wksss.exe 8.4.702.0 en Microsoft Works Spreadshhet 8.0 permite a atacantes remotos causar una denegación de servicio (Consumición de CPU o caída) mediante ficheros artesanales de (1) Works, (2) Excel, y (3) Lotus 1-2-3. • https://www.exploit-db.com/exploits/28222 http://securitytracker.com/id?1016504 http://www.securityfocus.com/archive/1/440056/100/0/threaded http://www.securityfocus.com/bid/18989 http://www.vupen.com/english/advisories/2006/2813 •
CVSS: 2.6EPSS: 70%CPEs: 1EXPL: 1CVE-2006-3654
https://notcve.org/view.php?id=CVE-2006-3654
Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted Excel files. Desbordamiento de búfer en wksss.exe 8.4.702.0 en Microsoft Works Spreadsheet 8.0 permite a atacantes remotos provocar denegación de servicio (consumo de CPU o caida) a través de archivos EXCEL manipulados. • http://securitytracker.com/id?1016504 http://www.securityfocus.com/archive/1/440056/100/0/threaded http://www.securityfocus.com/bid/18989 http://www.vupen.com/english/advisories/2006/2813 https://exchange.xforce.ibmcloud.com/vulnerabilities/27794 •
CVSS: 8.8EPSS: 75%CPEs: 5EXPL: 2CVE-2006-2492 – Microsoft Word Malformed Object Pointer Vulnerability
https://notcve.org/view.php?id=CVE-2006-2492
Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack. Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code. • http://blogs.technet.com/msrc/archive/2006/05/19/429353.aspx http://isc.sans.org/diary.php?storyid=1345 http://isc.sans.org/diary.php?storyid=1346 http://secunia.com/advisories/20153 http://securitytracker.com/id?1016130 http://www.kb.cert.org/vuls/id/446012 http://www.microsoft.com/technet/security/advisory/919637.mspx http://www.osvdb.org/25635 http://www.securityfocus.com/bid/18037 http://www.us-cert.gov/cas/techalerts/TA06-139A.html http://www.us- • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •