PT-2006-1113 · Microsoft · Office Powerpoint+2

Dejun Meng

Published

2006-06-13

Updated

2018-10-12

CVE-2006-0022

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Microsoft Office versions 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2 Microsoft Office for Mac versions 2004, X

Description: The issue allows user-assisted attackers to execute arbitrary code via a PowerPoint document with a malformed record, which triggers memory corruption. It is a remote code execution vulnerability that can be exploited by constructing a specially crafted PowerPoint file.

Recommendations: For Microsoft Office 2000 SP3, update to a version that is not affected by this issue. For Microsoft Office XP SP3, update to a version that is not affected by this issue. For Microsoft Office 2003 SP1 and SP2, update to a version that is not affected by this issue. For Microsoft Office 2004 for Mac, update to a version that is not affected by this issue. For Microsoft Office X for Mac, update to a version that is not affected by this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0022

Affected Products

Office

Office For Mac

Office Powerpoint

PT-2006-1113 · Microsoft · Office Powerpoint+2

CVE-2006-0022

Related Identifiers

Affected Products

References · 21