[email protected]CVE-2006-3651

HistoryOct 10, 2006 - 10:07 p.m.

CVE-2006-3651

2006-10-1022:07:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

microsoft word

office 2000

office 2002

office 2003

cve-2006-3651

remote code execution

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.621 Medium

EPSS

Percentile

97.8%

JSON

Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-2006-4693.

CPENameOperatorVersion
microsoft:wordmicrosoft wordeq2000
microsoft:wordmicrosoft wordeq2002
microsoft:officemicrosoft officeeq2003

CPE	Name	Operator	Version
microsoft:word	microsoft word	eq	2000
microsoft:word	microsoft word	eq	2002
microsoft:office	microsoft office	eq	2003

References

securitytracker.com/id?1017032

www.kb.cert.org/vuls/id/921300

www.securityfocus.com/archive/1/449179/100/0/threaded

www.securityfocus.com/bid/20358

www.vupen.com/english/advisories/2006/3979

docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-060

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A51

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.621 Medium

EPSS

Percentile

97.8%

JSON

Related for CVE-2006-3651

cve2 cvelist3 securityvulns3 nessus2 cert1