CVE-2006-3650
Published Oct 10, 2006
Last updated 6 years ago
Overview
- Description
- Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a chart record, which allows remote user-assisted attackers to execute arbitrary code via a Word document with an embedded malformed chart record that triggers an overwrite of pointer values with values from the document, a different vulnerability than CVE-2006-3434, CVE-2006-3864, and CVE-2006-3868.
- Source
- secure@microsoft.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-94
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:microsoft:office:2000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9A82D13-513C-46FA-AF51-0582233E230A" }, { "criteria": "cpe:2.3:a:microsoft:office:2000:*:*:ja:*:*:*:*", "vulnerable": true, "matchCriteriaId": "757EC6C1-F5E2-45CD-9F7F-7760ECEDC842" }, { "criteria": "cpe:2.3:a:microsoft:office:2000:*:*:ko:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59B1B68C-86F1-4FA4-9F82-3E8761ED1E74" }, { "criteria": "cpe:2.3:a:microsoft:office:2000:*:*:zh:*:*:*:*", "vulnerable": true, "matchCriteriaId": "716DDA05-D094-4837-852C-0511CDDD5ABC" }, { "criteria": "cpe:2.3:a:microsoft:office:2000:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C54DDAF-8D7F-4A7D-9186-6048D4C850B2" }, { "criteria": "cpe:2.3:a:microsoft:office:2000:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67388076-420D-4327-A436-329177EA6F42" }, { "criteria": "cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4891122F-AD7F-45E6-98C6-833227916F6B" }, { "criteria": "cpe:2.3:a:microsoft:office:2001:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64B3099E-DFA0-4C7E-B016-370028BF8387" }, { "criteria": "cpe:2.3:a:microsoft:office:2001:*:*:*:*:mac_os:*:*", "vulnerable": true, "matchCriteriaId": "43AE142C-E7AD-418E-BA9B-887285EE9620" }, { "criteria": "cpe:2.3:a:microsoft:office:2001:sr1:*:*:*:mac_os:*:*", "vulnerable": true, "matchCriteriaId": "23E6544C-3695-45E6-A8AD-2F3A3B574915" }, { "criteria": "cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB7EA4CC-E705-42DB-86B6-E229DA36B66D" }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EED9D78-AE73-44BA-A1CE-603994E92E89" }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4" }, { "criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E" }, { "criteria": "cpe:2.3:a:microsoft:office:2004:*:*:*:*:mac_os:*:*", "vulnerable": true, "matchCriteriaId": "C548E35A-C9DF-4784-824A-EEBB693CD388" }, { "criteria": "cpe:2.3:a:microsoft:office:v.x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "310DF9B3-3494-4BD4-8A9D-82211EA6C518" } ], "operator": "OR" } ] } ]