9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.601 Medium
EPSS
Percentile
97.4%
Added: 01/17/2007
CVE: CVE-2006-3876
BID: 20322
OSVDB: 29447
Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite.
Improper handling of malformed Data records in PowerPoint files allows command execution.
Apply the patch referenced in Microsoft Security Bulletin 06-058.
<http://www.kb.cert.org/vuls/id/938196>
<http://www.microsoft.com/technet/security/Bulletin/MS06-058.mspx>
Exploit works on Microsoft PowerPoint 2000 SR-1 (9.0.3821). Exploit requires a user to open the exploit file in Microsoft PowerPoint.
Windows