Lucene search

K
cveMicrosoftCVE-2006-0033
HistoryJul 11, 2006 - 9:05 p.m.

CVE-2006-0033

2006-07-1121:05:00
microsoft
web.nvd.nist.gov
30
cve-2006-0033
microsoft office
vulnerability
user-assisted
arbitrary code
png image
memory corruption
nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

0.813

Percentile

98.4%

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted PNG image that triggers memory corruption when it is parsed.

Affected configurations

Nvd
Node
microsoftofficeMatch2000sp3
OR
microsoftofficeMatch2003sp1
OR
microsoftofficeMatch2003sp2
OR
microsoftofficeMatchxpsp3
VendorProductVersionCPE
microsoftoffice2000cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
microsoftoffice2003cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*
microsoftoffice2003cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*
microsoftofficexpcpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

0.813

Percentile

98.4%