CVE-2006-0007
Technical Cyber Security Alert 2006-192A
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Buffer overflow in GIFIMP32.FLT, as used in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted GIF image that triggers memory corruption when it is parsed.
Desbordamiento de búfer en GIFIMP32.FLT, usado por Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, y otros productos, permite ataques asistidos por usuario para ejecutar código de su elección mediante una imagen GIF especialmente modificada para provocar la corrupción de la memoria cuando es analizada sintácticamente.
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, IIS, and Office. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2005-11-09 CVE Reserved
- 2006-07-11 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/vulnwatch/2006-q3/0005.html | Mailing List | |
| http://secunia.com/advisories/21013 | Third Party Advisory | |
| http://securitytracker.com/id?1016470 | Vdb Entry | |
| http://www.kb.cert.org/vuls/id/668564 | Third Party Advisory |
|
| http://www.osvdb.org/27146 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/439887/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/18915 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA06-192A.html | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2006/2757 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A21 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-039 | 2018-10-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2000 Search vendor "Microsoft" for product "Office" and version "2000" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2003 Search vendor "Microsoft" for product "Office" and version "2003" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2003 Search vendor "Microsoft" for product "Office" and version "2003" | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | xp Search vendor "Microsoft" for product "Office" and version "xp" | sp3 |
Affected
| ||||||