CVE-2006-3435 - CVE Reference - Advisories

CVE Reference: CVE-2006-3435

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3435

Description: PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilities including CVE-2006-4694.

CVE Status: Candidate

References: ST 1017030 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:476 OSVDB 29446 MS http://www.microsoft.com/technet/security/Bulletin/MS06-058.mspx MISC http://www.zerodayinitiative.com/advisories/ZDI-06-032.html HP http://www.securityfocus.com/archive/1/archive/1/449179/100/0/threaded CERT-VN 187028 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/448149/100/0/threaded BID 20304

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Microsoft Windows DNS Spoofing Vulnerabilities

2.	Microsoft Access Snapshot Viewer ActiveX Control Vulnerability

3.	Microsoft Windows Explorer Saved Search Vulnerability

4.	Joomla Unauthorized Access Vulnerabilities

5.	Microsoft SQL Server and MSDE Multiple Vulnerabilities

6.	Microsoft Outlook Web Access Script Insertion Vulnerabilities

7.	ArticleBeach Script "page" File Inclusion Vulnerability

8.	Mozilla Firefox Multiple Vulnerabilities

9.	Symantec Brightmail AntiSpam Notifier Denial of Service

10.	PHP-Nuke 4ndvddb Module "id" SQL Injection Vulnerability