Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2006-2389

Published: 11/07/2006 Updated: 12/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted malicious users to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office Property Vulnerability," a different vulnerability than CVE-2006-1316.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft office xp

microsoft office 2000

microsoft office 2003

Exploits

Exploit DB: Microsoft Office 2000/2002 - Property Code Execution
source: wwwsecurityfocuscom/bid/18911/info Microsoft Office is prone to a code-execution vulnerability This is due to a failure to handle exceptional conditions Successfully exploiting this issue allows attackers to corrupt process memory and to execute arbitrary code in the context of targeted users #Microsoft Office Property Code E ...
Exploit DB: Microsoft Office Property Code Execution
Microsoft Office memory corruption code execution exploit that demonstrates a malformed property vulnerability ...

References

CWE-94NVD-CWE-noinfohttp://www.kb.cert.org/vuls/id/409316http://secunia.com/advisories/21012http://www.us-cert.gov/cas/techalerts/TA06-192A.htmlhttp://securitytracker.com/id?1016469http://www.securityfocus.com/bid/18911http://www.osvdb.org/27149http://www.vupen.com/english/advisories/2006/2756https://exchange.xforce.ibmcloud.com/vulnerabilities/27609https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A279https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-038https://nvd.nist.govhttps://www.exploit-db.com/exploits/28198/https://www.kb.cert.org/vuls/id/409316
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525CVE-2024-4652CVE-2024-1438CVE-2024-4671CVE-2024-34351arbitrary CVE-2024-4650SQL injectionoverflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook