CVE-2006-2492 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-2492
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2492

Description: Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/26556 ST 1016130 SAID Secunia Advisory: SA20153 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1418 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1738 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2068 OSVDB 25635 MS http://www.microsoft.com/technet/security/bulletin/ms06-027.mspx MISC http://blogs.technet.com/msrc/archive/2006/05/19/429353.aspx http://isc.sans.org/diary.php?storyid=1346 http://isc.sans.org/diary.php?storyid=1345 CONFIRM http://www.microsoft.com/technet/security/advisory/919637.mspx CERT-VN 446012 CERT http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.us-cert.gov/cas/techalerts/TA06-139A.html BID 18037

Return to the previous page.