CVE - CVE-2006-3590

CVE-ID
CVE-2006-3590	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:18957 URL:http://www.securityfocus.com/bid/18957 BUGTRAQ:20060714 Microsoft PowerPoint 0-day Vulnerability FAQ document written URL:http://www.securityfocus.com/archive/1/440137/100/0/threaded BUGTRAQ:20060716 Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs URL:http://www.securityfocus.com/archive/1/440255/100/0/threaded BUGTRAQ:20060718 New PowerPoint Trojan installs itself as LSP URL:http://www.securityfocus.com/archive/1/440532/100/0/threaded CERT:TA06-220A URL:http://www.us-cert.gov/cas/techalerts/TA06-220A.html CERT-VN:VU#936945 URL:http://www.kb.cert.org/vuls/id/936945 MISC:http://blogs.securiteam.com/?p=508 MISC:http://isc.sans.org/diary.php?storyid=1484 MISC:http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html MS:MS06-048 URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048 OSVDB:27324 URL:~~http://www.osvdb.org/27324~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:399 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399 SECTRACK:1016496 URL:http://securitytracker.com/id?1016496 SECUNIA:21040 URL:http://secunia.com/advisories/21040 VUPEN:ADV-2006-2795 URL:~~http://www.vupen.com/english/advisories/2006/2795~~ (Obsolete source) XF:powerpoint-mso-code-execution(27740) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/27740 XF:powerpoint-mso-code-execution2(27781) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/27781
Assigning CNA
MITRE Corporation
Date Record Created
20060714	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060714)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)