Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1316

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2006-1316
Last Modified 07 Mar 2011 12:00:00
Published 11 Jul 2006 05:05:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-1316

Summary

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corruption related to record lengths, aka "Microsoft Office Parsing Vulnerability," a different vulnerability than CVE-2006-2389.

Vulnerable Systems

Application

  • Microsoft Office 2000

  • Microsoft Office 2003

  • Microsoft Office Xp


References

CERT - TA06-192A

CERT-VN - VU#580036

MS - MS06-038

XF - office-string-parse-bo(27607)

VUPEN - ADV-2006-2756

BID - 18912

OSVDB - 27148

SECTRACK - 1016469

SECUNIA - 21012

Related Patches

Apple 2006-07-11 Microsoft Office 2004 Update 11.2.5 (Rev 4)


Last Updated: 27 May 2016 10:42:02