CVE - CVE-2006-0009

CVE-ID
CVE-2006-0009	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:17000 URL:http://www.securityfocus.com/bid/17000 BID:20059 URL:http://www.securityfocus.com/bid/20059 BUGTRAQ:20060314 SYMSA-2006-001: Buffer overflow in Microsoft Office 2000, Office XP (2002), and Office 2003 Routing Slip Metadata URL:http://www.securityfocus.com/archive/1/427671/100/0/threaded BUGTRAQ:20060422 PowerPoint Phishing Trojan URL:http://www.securityfocus.com/archive/1/432004/30/5340/threaded BUGTRAQ:20060819 New PowerPoint 0-day and Trojan - FAQ document ready URL:http://www.securityfocus.com/archive/1/443890/100/0/threaded BUGTRAQ:20060822 Major updates in PowerPoint FAQ document - not a 0-day issue URL:http://www.securityfocus.com/archive/1/444051/100/200/threaded BUGTRAQ:20060919 Microsoft PowerPoint 0-day Vulnerability FAQ - September written URL:http://www.securityfocus.com/archive/1/446425/100/0/threaded BUGTRAQ:20060919 New PowerPoint 0-day Trojan in the wild URL:http://www.securityfocus.com/archive/1/446370/100/0/threaded CERT:TA06-073A URL:http://www.us-cert.gov/cas/techalerts/TA06-073A.html CERT-VN:VU#682820 URL:http://www.kb.cert.org/vuls/id/682820 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm FULLDISC:20060822 Major updates in PowerPoint FAQ document - not a 0-day issue URL:http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0597.html FULLDISC:20060919 New PowerPoint 0-day Trojan in the wild URL:http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049540.html MISC:http://blogs.securiteam.com/?author=28 MISC:http://blogs.securiteam.com/?p=557 MISC:http://blogs.securiteam.com/?p=559 MISC:http://isc.sans.org/diary.php?storyid=1618 MISC:http://www.darkreading.com/document.asp?doc_id=101970 MISC:http://www.symantec.com/enterprise/research/SYMSA-2006-001.txt MISC:http://www.symantec.com/security_response/writeup.jsp?docid=2006-091810-5028-99 MISC:http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ%5FMDROPPER%2EBH MS:MS06-012 URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-012 OSVDB:23903 URL:~~http://www.osvdb.org/23903~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:1504 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1504 OVAL:oval:org.mitre.oval:def:1553 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1553 OVAL:oval:org.mitre.oval:def:1653 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1653 OVAL:oval:org.mitre.oval:def:798 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A798 SECTRACK:1015766 URL:http://securitytracker.com/id?1015766 SECTRACK:1016720 URL:http://securitytracker.com/id?1016720 SECTRACK:1016886 URL:http://securitytracker.com/id?1016886 SECUNIA:19138 URL:http://secunia.com/advisories/19138 SECUNIA:19238 URL:http://secunia.com/advisories/19238 VUPEN:ADV-2006-0950 URL:~~http://www.vupen.com/english/advisories/2006/0950~~ (Obsolete source) VUPEN:ADV-2006-3678 URL:~~http://www.vupen.com/english/advisories/2006/3678~~ (Obsolete source) XF:office-routing-slip-bo(25009) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/25009 XF:powerpoint-presentation-code-execution(29009) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/29009
Assigning CNA
Microsoft Corporation
Date Record Created
20051109	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20051109)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)