CVE - CVE-2006-2492

CVE-ID
CVE-2006-2492	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:18037 URL:http://www.securityfocus.com/bid/18037 CERT:TA06-139A URL:http://www.us-cert.gov/cas/techalerts/TA06-139A.html CERT:TA06-164A URL:http://www.us-cert.gov/cas/techalerts/TA06-164A.html CERT-VN:VU#446012 URL:http://www.kb.cert.org/vuls/id/446012 CONFIRM:http://www.microsoft.com/technet/security/advisory/919637.mspx MISC:http://blogs.technet.com/msrc/archive/2006/05/19/429353.aspx MISC:http://isc.sans.org/diary.php?storyid=1345 MISC:http://isc.sans.org/diary.php?storyid=1346 MS:MS06-027 URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-027 OSVDB:25635 URL:~~http://www.osvdb.org/25635~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:1418 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1418 OVAL:oval:org.mitre.oval:def:1738 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1738 OVAL:oval:org.mitre.oval:def:2068 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2068 SECTRACK:1016130 URL:http://securitytracker.com/id?1016130 SECUNIA:20153 URL:http://secunia.com/advisories/20153 VUPEN:ADV-2006-1872 URL:~~http://www.vupen.com/english/advisories/2006/1872~~ (Obsolete source) XF:word-code-execution(26556) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/26556
Assigning CNA
CERT/CC
Date Record Created
20060519	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060519)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)