// For flags

CVE-2006-6561

Microsoft Word Document - Malformed Pointer (PoC)

Severity Score

9.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

3
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and CVE-2006-6456.

Vulnerabilidad no especificada en Microsoft Word 2000, 2002, y Word Viewer 2003 permite a atacantes remotos con la intervención del usuario, ejecutar código de su elección mediante un fichero DOC manipulado que dispara una corrupción de memoria, como se demuestra con el fichero 12122006-djtest.doc, vulnerabilidad diferente a CVE-2006-5994 y CVE-2006-6456.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-12-12 First Exploit
  • 2006-12-14 CVE Reserved
  • 2006-12-14 CVE Published
  • 2024-02-08 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Microsoft
Search vendor "Microsoft"
 Office
Search vendor "Microsoft" for product "Office"
 2000
Search vendor "Microsoft" for product "Office" and version "2000"
sp3
Affected
Microsoft
Search vendor "Microsoft"
 Office
Search vendor "Microsoft" for product "Office"
 2003
Search vendor "Microsoft" for product "Office" and version "2003"
sp2
Affected
Microsoft
Search vendor "Microsoft"
 Office
Search vendor "Microsoft" for product "Office"
 2004
Search vendor "Microsoft" for product "Office" and version "2004"
mac
Affected
Microsoft
Search vendor "Microsoft"
 Office
Search vendor "Microsoft" for product "Office"
 xp
Search vendor "Microsoft" for product "Office" and version "xp"
sp3
Affected
Microsoft
Search vendor "Microsoft"
 Word
Search vendor "Microsoft" for product "Word"
 2000
Search vendor "Microsoft" for product "Word" and version "2000"
-
Affected
Microsoft
Search vendor "Microsoft"
 Word
Search vendor "Microsoft" for product "Word"
 2002
Search vendor "Microsoft" for product "Word" and version "2002"
-
Affected
Microsoft
Search vendor "Microsoft"
 Word
Search vendor "Microsoft" for product "Word"
 2003
Search vendor "Microsoft" for product "Word" and version "2003"
-
Affected
Microsoft
Search vendor "Microsoft"
 Word Viewer
Search vendor "Microsoft" for product "Word Viewer"
 2003
Search vendor "Microsoft" for product "Word Viewer" and version "2003"
-
Affected
Microsoft
Search vendor "Microsoft"
 Works
Search vendor "Microsoft" for product "Works"
 2004
Search vendor "Microsoft" for product "Works" and version "2004"
-
Affected
Microsoft
Search vendor "Microsoft"
 Works
Search vendor "Microsoft" for product "Works"
 2005
Search vendor "Microsoft" for product "Works" and version "2005"
-
Affected
Microsoft
Search vendor "Microsoft"
 Works
Search vendor "Microsoft" for product "Works"
 2006
Search vendor "Microsoft" for product "Works" and version "2006"
-
Affected