PT-2006-1105 · Microsoft · Office+4

Ollie Whitehouse

Published

2006-03-14

Updated

2018-10-19

CVE-2006-0009

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Microsoft Office versions 2000 SP3 through XP SP3

Description: A remote code execution issue exists, allowing attackers to execute arbitrary code via a specially crafted routing slip within an Office document. This could enable an attacker to take complete control of the affected system. The issue has been exploited by malware in attacks against PowerPoint.

Recommendations: For Microsoft Office versions 2000 SP3 through XP SP3, consider disabling the routing slip feature until a patch is available to prevent exploitation. Restrict access to Office documents from untrusted sources to minimize the risk of remote code execution.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0009

Affected Products

Office

Office Excel

Office Powerpoint

Office Word

Outlook

PT-2006-1105 · Microsoft · Office+4

CVE-2006-0009

Related Identifiers

Affected Products

References · 54