Added: 05/04/2007
CVE: CVE-2006-3448
BID: 22484
OSVDB: 31883
Microsoft Step-by-Step Interactive Training is the engine used by various training programs.
A buffer overflow vulnerability in Microsoft Step-by-Step Interactive Training allows command execution when a specially crafted bookmark link file is opened.
Apply the update referenced in Microsoft Security Bulletin 07-005.
<http://www.kb.cert.org/vuls/id/466873>
Exploit works on Microsoft Office 2000 Step-by-Step Interactive Training with MS05-031 patch on Windows 2000 and Windows XP.
A user must open the exploit file in order for the exploit to succeed.
Windows