CVE-2006-6561

Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and CVE-2006-6456.
References
Link Resource
http://blogs.securiteam.com/?p=763
http://blogs.technet.com/msrc/archive/2006/12/15/update-on-current-word-vulnerability-reports.aspx
http://research.eeye.com/html/alerts/zeroday/20061212.html Vendor Advisory
http://securitytracker.com/id?1017390
http://www.infoworld.com/article/06/12/13/HNthirdword_1.html
http://www.kb.cert.org/vuls/id/996892 Third Party Advisory US Government Resource
http://www.milw0rm.com/sploits/12122006-djtest.doc Exploit
http://www.securityfocus.com/archive/1/454219/30/0/threaded Exploit
http://www.securityfocus.com/bid/21589 Vendor Advisory
http://www.vupen.com/english/advisories/2006/4997 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30885
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A332
http://blogs.securiteam.com/?p=763
http://blogs.technet.com/msrc/archive/2006/12/15/update-on-current-word-vulnerability-reports.aspx
http://research.eeye.com/html/alerts/zeroday/20061212.html Vendor Advisory
http://securitytracker.com/id?1017390
http://www.infoworld.com/article/06/12/13/HNthirdword_1.html
http://www.kb.cert.org/vuls/id/996892 Third Party Advisory US Government Resource
http://www.milw0rm.com/sploits/12122006-djtest.doc Exploit
http://www.securityfocus.com/archive/1/454219/30/0/threaded Exploit
http://www.securityfocus.com/bid/21589 Vendor Advisory
http://www.vupen.com/english/advisories/2006/4997 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/30885
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A332
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word_viewer:2003:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2004:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2005:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:works:2006:*:*:*:*:*:*:*

History

21 Nov 2024, 00:22

Type Values Removed Values Added
References () http://blogs.securiteam.com/?p=763 - () http://blogs.securiteam.com/?p=763 -
References () http://blogs.technet.com/msrc/archive/2006/12/15/update-on-current-word-vulnerability-reports.aspx - () http://blogs.technet.com/msrc/archive/2006/12/15/update-on-current-word-vulnerability-reports.aspx -
References () http://research.eeye.com/html/alerts/zeroday/20061212.html - Vendor Advisory () http://research.eeye.com/html/alerts/zeroday/20061212.html - Vendor Advisory
References () http://securitytracker.com/id?1017390 - () http://securitytracker.com/id?1017390 -
References () http://www.infoworld.com/article/06/12/13/HNthirdword_1.html - () http://www.infoworld.com/article/06/12/13/HNthirdword_1.html -
References () http://www.kb.cert.org/vuls/id/996892 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/996892 - Third Party Advisory, US Government Resource
References () http://www.milw0rm.com/sploits/12122006-djtest.doc - Exploit () http://www.milw0rm.com/sploits/12122006-djtest.doc - Exploit
References () http://www.securityfocus.com/archive/1/454219/30/0/threaded - Exploit () http://www.securityfocus.com/archive/1/454219/30/0/threaded - Exploit
References () http://www.securityfocus.com/bid/21589 - Vendor Advisory () http://www.securityfocus.com/bid/21589 - Vendor Advisory
References () http://www.vupen.com/english/advisories/2006/4997 - Vendor Advisory () http://www.vupen.com/english/advisories/2006/4997 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/30885 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/30885 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A332 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A332 -

Information

Published : 2006-12-14 18:28

Updated : 2024-11-21 00:22


NVD link : CVE-2006-6561

Mitre link : CVE-2006-6561

CVE.ORG link : CVE-2006-6561


JSON object : View

Products Affected

microsoft

  • works
  • word_viewer
  • office
  • word