Vulnerability Details CVE-2006-6456
Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.566
EPSS Ranking 98.0%
CVSS Severity
CVSS v2 Score 9.3
References
- http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0199.html
- http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0215.html
- http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx
- http://isc.sans.org/diary.php?storyid=1925
- http://secunia.com/advisories/23205
- http://securitytracker.com/id?1017358
- http://securitytracker.com/id?1017579
- http://vil.mcafeesecurity.com/vil/content/v_141056.htm
- http://vil.mcafeesecurity.com/vil/content/v_vul27249.htm
- http://www.kb.cert.org/vuls/id/166700
- http://www.osvdb.org/30825
- http://www.securityfocus.com/archive/1/454069/100/0/threaded
- http://www.securityfocus.com/archive/1/454072/100/0/threaded
- http://www.securityfocus.com/archive/1/454093/100/0/threaded
- http://www.securityfocus.com/bid/21518
- http://www.us-cert.gov/cas/techalerts/TA07-044A.html
- http://www.vupen.com/english/advisories/2006/4920
- http://www.vupen.com/english/advisories/2007/0435
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-014
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30806
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A746
- http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0199.html
- http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0215.html
- http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx
- http://isc.sans.org/diary.php?storyid=1925
- http://secunia.com/advisories/23205
- http://securitytracker.com/id?1017358
- http://securitytracker.com/id?1017579
- http://vil.mcafeesecurity.com/vil/content/v_141056.htm
- http://vil.mcafeesecurity.com/vil/content/v_vul27249.htm
- http://www.kb.cert.org/vuls/id/166700
- http://www.osvdb.org/30825
- http://www.securityfocus.com/archive/1/454069/100/0/threaded
- http://www.securityfocus.com/archive/1/454072/100/0/threaded
- http://www.securityfocus.com/archive/1/454093/100/0/threaded
- http://www.securityfocus.com/bid/21518
- http://www.us-cert.gov/cas/techalerts/TA07-044A.html
- http://www.vupen.com/english/advisories/2006/4920
- http://www.vupen.com/english/advisories/2007/0435
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-014
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30806
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A746
Products affected by CVE-2006-6456
-
cpe:2.3:a:microsoft:office:2000
-
cpe:2.3:a:microsoft:office:2003
-
cpe:2.3:a:microsoft:office:2004
-
cpe:2.3:a:microsoft:office:xp
-
cpe:2.3:a:microsoft:word:2000
-
cpe:2.3:a:microsoft:word:2002
-
cpe:2.3:a:microsoft:word:2003
-
cpe:2.3:a:microsoft:word_viewer:2003
-
cpe:2.3:a:microsoft:works:2004
-
cpe:2.3:a:microsoft:works:2005
-
cpe:2.3:a:microsoft:works:2006