CVE-2006-2492
7.5 High
AI Score
Confidence
Low
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.943 High
EPSS
Percentile
99.2%
Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft:word | microsoft word | eq | 2003 |
References
blogs.technet.com/msrc/archive/2006/05/19/429353.aspx
isc.sans.org/diary.php?storyid=1345
isc.sans.org/diary.php?storyid=1346
secunia.com/advisories/20153
securitytracker.com/id?1016130
www.kb.cert.org/vuls/id/446012
www.microsoft.com/technet/security/advisory/919637.mspx
www.osvdb.org/25635
www.securityfocus.com/bid/18037
www.us-cert.gov/cas/techalerts/TA06-139A.html
www.us-cert.gov/cas/techalerts/TA06-164A.html
www.vupen.com/english/advisories/2006/1872
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-027
exchange.xforce.ibmcloud.com/vulnerabilities/26556
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1418
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1738
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2068
Social References
More
Related
7.5 High
AI Score
Confidence
Low
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.943 High
EPSS
Percentile
99.2%