CVSS: 9.3EPSS: 96%CPEs: 11EXPL: 0CVE-2006-6456
https://notcve.org/view.php?id=CVE-2006-6456
Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994. Vulnerabilidad no especificada en Microsoft Word 2000, 2002, y 2003 y Word Viewer 2003 permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados relacionados con estructuras de datos mal formadas que disparan una corrupción de memoria, una vulnerabilidad distinta de CVE-2006-5994. • http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0199.html http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0215.html http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx http://isc.sans.org/diary.php?storyid=1925 http://secunia.com/advisories/23205 http://securitytracker.com/id?1017358 http://securitytracker.com/id?1017579 http://vil.mcafeesecurity.com/vil/content/v_141056.htm http://vil.mcafeesecurity.com/vil/content/v_ •
CVSS: 9.3EPSS: 83%CPEs: 11EXPL: 0CVE-2006-5994
https://notcve.org/view.php?id=CVE-2006-5994
Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word document with a malformed string that triggers memory corruption, a different vulnerability than CVE-2006-6456. Vulnerabilidad no especificada en Microsoft Word 2000 y 2002, Office Word y Word Viewer 2003, Word 2004 y 2004 v. X para Mac, y Works 2004, 2005, y 2006 permite a atacantes remotos ejecutar código de su elección mediante un documento Word con una cadena mal formada que provoca una corrupción de memoria, una vulnerabilidad diferente que CVE-2006-6456. • http://blogs.securiteam.com/?p=759 http://blogs.technet.com/msrc/archive/2006/12/06/microsoft-security-advisory-929433-posted.aspx http://secunia.com/advisories/23232 http://securitytracker.com/id?1017339 http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9005698&intsrc=hm_list http://www.kb.cert.org/vuls/id/167928 http://www.microsoft.com/technet/security/advisory/929433.mspx http://www.osvdb.org/30824 http://www.securityfocus.com/archive/1/453735/10 •
CVSS: 9.3EPSS: 8%CPEs: 35EXPL: 0CVE-2006-3877
https://notcve.org/view.php?id=CVE-2006-3877
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. Vulnerabilidad no especificada en PowerPoint en Microsoft Office 2000, Office 2002, Office 2003, Office 2004 para Mac, y Office v.X para Mac permite a atacantes con la intervención del usuario ejecutar código de su elección mediante un "fichero artesanal" no especificado, una vulnerabilidad diferente que CVE-2006-3435, CVE-2006-4694, y CVE-2006-3876. • http://securitytracker.com/id?1017030 http://www.kb.cert.org/vuls/id/205948 http://www.osvdb.org/29448 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20325 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2006/3977 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015 https& • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 63%CPEs: 3EXPL: 0CVE-2006-3651
https://notcve.org/view.php?id=CVE-2006-3651
Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-2006-4693. Vulnerabilidad no especificada en Microsoft Word 2000, 2002, y Office 2003 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un fichero de correo electrónico fusionado artesanal, una vulnerabilidad diferente que CVE-2006-3647 y CVE-2006-4693. • http://securitytracker.com/id?1017032 http://www.kb.cert.org/vuls/id/921300 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20358 http://www.vupen.com/english/advisories/2006/3979 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-060 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A51 •
CVSS: 7.5EPSS: 11%CPEs: 2EXPL: 0CVE-2005-0564
https://notcve.org/view.php?id=CVE-2005-0564
Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font information. • http://www.idefense.com/application/poi/display?id=281&type=vulnerabilities http://www.kb.cert.org/vuls/id/218621 http://www.us-cert.gov/cas/techalerts/TA05-193A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-035 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1190 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1331 •