Vulnerability Name: CVE-2006-3864 (CCN-29213) Assigned: 2006-10-10 Published: 2006-10-10 Updated: 2018-10-17 Summary: Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an "array boundary condition" (possibly an array index overflow), a different vulnerability than CVE-2006-3434 , CVE-2006-3650 , and CVE-2006-3868 . CVSS v3 Severity: 5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): HighPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C )6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P )3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): HighAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-noinfo CWE-94 Vulnerability Consequences: Gain Access References: Source: CCN Type: BugTraq Mailing List, Tue Oct 10 2006 - 23:02:09 CDTMicrosoft Office Malformed Record Memory Corruption Vulnerability Source: MITRE Type: CNACVE-2006-3864 Source: CCN Type: SA22339Microsoft Office Multiple Code Execution Vulnerabilities Source: SECUNIA Type: Vendor Advisory22339 Source: CCN Type: SECTRACK ID: 1017034Microsoft Office String, Chart Record, and SmartTag Validation Errors Let Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN1017034 Source: MISC Type: UNKNOWNhttp://secway.org/advisory/AD20061010.txt Source: CCN Type: ASA-2006-217Windows Security Updates for October 2006 - (MS06-056 - MS06-065) Source: MSKB Type: UNKNOWN922581 Source: CCN Type: Microsoft Security Bulletin MS11-096Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241) Source: CCN Type: Microsoft Security Bulletin MS12-028Vulnerability in Microsoft Office Could Allow for Remote Code Execution (2639185) Source: CCN Type: Microsoft Security Bulletin MS12-029Vulnerability in Microsoft Word Could Allow Remote Code Execution (2680352) Source: CCN Type: Microsoft Security Bulletin MS12-057Vulnerability in Microsoft Office Could Allow for Remote Code Execution (2731879) Source: CCN Type: Microsoft Security Bulletin MS12-064Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319) Source: CCN Type: Microsoft Security Bulletin MS12-065Vulnerability in Microsoft Works Could Allow Remote Code Execution (KB2754670) Source: CCN Type: Microsoft Security Bulletin MS12-079Vulnerability in Microsoft Word Could Allow Remote Code Execution (2780642) Source: CCN Type: Microsoft Security Bulletin MS13-043Vulnerability in Microsoft Word Could Allow Remote Code Execution (2830399) Source: CCN Type: Microsoft Security Bulletin MS13-072Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537) Source: CCN Type: Microsoft Security Bulletin MS13-085Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080) Source: CCN Type: Microsoft Security Bulletin MS13-086Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084) Source: CCN Type: Microsoft Security Bulletin MS14-001Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605) Source: CCN Type: Microsoft Security Bulletin MS14-017Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2949660) Source: CCN Type: Microsoft Security Bulletin MS14-034Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261) Source: CCN Type: Microsoft Security Bulletin MS14-048Vulnerability in OneNote Could Allow Remote Code Execution (2977201) Source: CCN Type: Microsoft Security Bulletin MS14-061Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434) Source: CCN Type: Microsoft Security Bulletin MS14-069Vulnerability in Microsoft Office Could Allow Remote Code Execution (3009710) Source: CCN Type: Microsoft Security Bulletin MS14-081Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3017301) Source: CCN Type: Microsoft Security Bulletin MS14-083Vulnerabilities in MicrosoftExcel Could Allow Remote Code Execution (3017347) Source: CCN Type: Microsoft Security Bulletin MS15-081Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790) Source: CCN Type: Microsoft Security Bulletin MS15-099Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664) Source: CCN Type: Microsoft Security Bulletin MS15-110Security Updates for Microsoft Office (3096440) Source: CCN Type: Microsoft Security Bulletin MS15-116Security Updates for Microsoft Office to Address Remote Code Execution (3104540) Source: CCN Type: Microsoft Security Bulletin MS15-131Security Update for Microsoft Office to Address Remote Code Execution (3116111) Source: CCN Type: Microsoft Security Bulletin MS16-004Security Update for Microsoft Office to Address Remote Code Execution - Critical (3124585) Source: CCN Type: Microsoft Security Bulletin MS16-015Security Update for Microsoft Office to Address Remote Code Execution (3134226) Source: CCN Type: Microsoft Security Bulletin MS16-029Security Update for Microsoft Office to Address Remote Code Execution (3141806) Source: CCN Type: Microsoft Security Bulletin MS16-042Security Update for Microsoft Office (3148775) Source: CCN Type: Microsoft Security Bulletin MS16-054Security Update for Microsoft Office (3155544) Source: CCN Type: Microsoft Security Bulletin MS16-070Security Update for Office (3163610) Source: CCN Type: Microsoft Security Bulletin MS16-088Security Updates for Office (3170008) Source: CCN Type: Microsoft Security Bulletin MS16-099Security Update for Office (3177451) Source: CCN Type: Microsoft Security Bulletin MS16-107Security Update for Microsoft Office (3185852) Source: CCN Type: Microsoft Security Bulletin MS16-121Security Update for Microsoft Office (3194063) Source: CCN Type: Microsoft Security Bulletin MS16-133Security Update for Microsoft Office (3199168) Source: CCN Type: Microsoft Security Bulletin MS16-148Security Update for Microsoft Office (3204068) Source: CCN Type: Microsoft Security Bulletin MS17-002Security Update for Microsoft Office (3214291) Source: CCN Type: Microsoft Security Bulletin MS17-013Security Update for Microsoft Graphics Component (4013075) Source: CCN Type: Microsoft Security Bulletin MS17-014Security Update for Microsoft Office (4013241) Source: CCN Type: US-CERT VU#176556Microsoft Office fails to properly parse malformed records Source: CERT-VN Type: US Government ResourceVU#176556 Source: CCN Type: Microsoft Security Bulletin MS06-062Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581) Source: CCN Type: Microsoft Security Bulletin MS07-015Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (932554) Source: CCN Type: Microsoft Security Bulletin MS08-016Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030) Source: CCN Type: Microsoft Security Bulletin MS08-055Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (955047) Source: CCN Type: Microsoft Security Bulletin MS10-036Vulnerabilities in COM validation in Microsoft Office Could Allow Remote Code Execution (983235 Source: CCN Type: Microsoft Security Bulletin MS10-056Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638) Source: CCN Type: Microsoft Security Bulletin MS10-057Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (2269707) Source: CCN Type: Microsoft Security Bulletin MS10-079Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194) Source: CCN Type: Microsoft Security Bulletin MS10-087Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930) Source: CCN Type: Microsoft Security Bulletin MS10-105Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095) Source: CCN Type: Microsoft Security Bulletin MS11-021Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2489279) Source: CCN Type: Microsoft Security Bulletin MS11-023Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293) Source: CCN Type: Microsoft Security Bulletin MS11-045Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146) Source: CCN Type: Microsoft Security Bulletin MS11-072Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2587505) Source: OSVDB Type: UNKNOWN29429 Source: CCN Type: OSVDB ID: 29429Microsoft Office mso.dll Malformed Record Handling Arbitrary Code Execution Source: BUGTRAQ Type: UNKNOWN20061011 Microsoft Office Malformed Record Memory Corruption Vulnerability Source: HP Type: UNKNOWNSSRT061264 Source: BID Type: UNKNOWN20384 Source: CCN Type: BID-20384Microsoft Office Malformed Record Remote Code Execution Vulnerability Source: VUPEN Type: Vendor AdvisoryADV-2006-3981 Source: MS Type: UNKNOWNMS06-062 Source: XF Type: UNKNOWNoffice-record-code-execution(29213) Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:632 Vulnerable Configuration: Configuration 1 :cpe:/a:microsoft:office:2000:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:office:2003:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:office:2003:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office:2004:*:mac:*:*:*:*:* OR cpe:/a:microsoft:office:v.x:*:mac:*:*:*:*:* OR cpe:/a:microsoft:office:xp:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:project:2000:sr1:*:*:*:*:*:* OR cpe:/a:microsoft:project:2002:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:visio:2002:sp2:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:microsoft:outlook:2000:*:*:*:*:*:*:* OR cpe:/a:microsoft:frontpage:2000:*:*:*:*:*:*:* OR cpe:/a:microsoft:powerpoint:2000:*:*:*:*:*:*:* OR cpe:/a:microsoft:excel:2000:*:*:*:*:*:*:* OR cpe:/a:microsoft:word:2000:*:*:*:*:*:*:* OR cpe:/a:microsoft:word:2002:*:*:*:*:*:*:* OR cpe:/a:microsoft:outlook:2002:*:*:*:*:*:*:* OR cpe:/a:microsoft:excel:2002:*:*:*:*:*:*:* OR cpe:/a:microsoft:powerpoint:2002:*:*:*:*:*:*:* OR cpe:/a:microsoft:access:2000:*:*:*:*:*:*:* OR cpe:/a:microsoft:access:2002:*:*:*:*:*:*:* OR cpe:/a:microsoft:frontpage:2002:*:*:*:*:*:*:* OR cpe:/a:microsoft:publisher:2000:*:*:*:*:*:*:* OR cpe:/a:microsoft:publisher:2002:*:*:*:*:*:*:* OR cpe:/a:microsoft:visio:2002:*:*:*:*:*:*:* OR cpe:/a:microsoft:word:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:outlook:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:project:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:visio:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:frontpage:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:publisher:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:project:2002:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:visio:2002:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office:xp:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:excel:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:powerpoint:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:office_infopath:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:onenote:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:office:2000:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:office:2003:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:access:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:word_viewer:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:office:2003:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office:2004:*:*:*:*:*:*:* OR cpe:/a:microsoft:excel_viewer:2003:*:*:*:*:*:*:* OR cpe:/a:microsoft:project:2000:sr1:*:*:*:*:*:* Denotes that component is vulnerable Oval Definitions BACK
microsoft office 2000 sp3
microsoft office 2003 sp1
microsoft office 2003 sp2
microsoft office 2004
microsoft office v.x
microsoft office xp sp3
microsoft project 2000 sr1
microsoft project 2002 sp1
microsoft visio 2002 sp2
microsoft outlook 2000
microsoft frontpage 2000
microsoft powerpoint 2000
microsoft excel 2000
microsoft word 2000
microsoft word 2002
microsoft outlook 2002
microsoft excel 2002
microsoft powerpoint 2002
microsoft access 2000
microsoft access 2002
microsoft frontpage 2002
microsoft publisher 2000
microsoft publisher 2002
microsoft visio 2002
microsoft word 2003
microsoft outlook 2003
microsoft project 2003
microsoft visio 2003
microsoft frontpage 2003
microsoft publisher 2003
microsoft project 2002 sp1
microsoft visio 2002 sp2
microsoft office xp sp3
microsoft excel 2003
microsoft powerpoint 2003
microsoft office infopath 2003
microsoft onenote 2003
microsoft office 2000 sp3
microsoft office 2003 sp1
microsoft access 2003
microsoft word viewer 2003
microsoft office 2003 sp2
microsoft office 2004
microsoft excel viewer 2003
microsoft project 2000 sr1