Lucene search
SAINT CorporationSAINT:4920648E49BA14F9C7DE34D884E87721HistoryMay 04, 2007 - 12:00 a.m.
Microsoft Step-by-Step Interactive Training bookmark buffer overflow
2007-05-0400:00:00
SAINT Corporation
www.saintcorporation.com
10
0.923 High
EPSS
Percentile
98.7%
Added: 05/04/2007
CVE: CVE-2006-3448
BID: 22484
OSVDB: 31883
Background
Microsoft Step-by-Step Interactive Training is the engine used by various training programs.
Problem
A buffer overflow vulnerability in Microsoft Step-by-Step Interactive Training allows command execution when a specially crafted bookmark link file is opened.
Resolution
Apply the update referenced in Microsoft Security Bulletin 07-005.
References
<http://www.kb.cert.org/vuls/id/466873>
Limitations
Exploit works on Microsoft Office 2000 Step-by-Step Interactive Training with MS05-031 patch on Windows 2000 and Windows XP.
A user must open the exploit file in order for the exploit to succeed.
Platforms
Windows
Related
saint
saint
Microsoft Step-by-Step Interactive Training bookmark buffer overflow
2007-05-04 00:00:00
Microsoft Step-by-Step Interactive Training bookmark buffer overflow
2007-05-04 00:00:00
Microsoft Step-by-Step Interactive Training bookmark buffer overflow
2007-05-04 00:00:00
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
Microsoft Security Bulletin MS07-005
2007-02-13 00:00:00
Microsoft Step-by-Step Interactive Training buffer overflow
2007-02-14 00:00:00
cert
cert
Microsoft Step-by-Step Interactive Training contains a buffer overflow
2007-02-14 00:00:00
nessus
nessus
cve
cve
CVE-2006-3448
2007-02-13 20:28:00