CVE-2006-5296
Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted PowerPoint (.PPT) file, as demonstrated by Nanika.ppt, and a different vulnerability than CVE-2006-3435, CVE-2006-3876, CVE-2006-3877, and CVE-2006-4694. NOTE: the impact of this issue was originally claimed to be arbitrary code execution, but later analysis demonstrated that this was erroneous.
PowerPoint en Microsoft Office 2003 no maneja adecuadamente un objeto contenedor cuyo valor de posición excede la longitud del registro, lo cual permite a usuarios autenticados remotamente provocar una denegación de servicio (referencia NULL y caída de aplicación) mediante un archivo PowerPoint (.PPT) manipulado, como ha demostrado Nanika.ppt. Es una vulnerabilidad diferente de CVE-2006-3435, CVE-2006-3876, CVE-2006-3877, y CVE-2006-4694. NOTA: el impacto de este problema fue originalmente clasificado como ejecución de código arbitrario, pero un análisis posterior ha demostrado que esta afirmación era errónea.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-10-16 CVE Reserved
- 2006-10-16 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-09-05 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (11)
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/2523 | 2024-08-07 | |
http://www.securityfocus.com/bid/20495 | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/22394 | 2017-10-19 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Powerpoint Search vendor "Microsoft" for product "Powerpoint" | 2003 Search vendor "Microsoft" for product "Powerpoint" and version "2003" | - |
Affected
|