CVE-2006-4694 - CVE Reference - Advisories

CVE Reference: CVE-2006-4694

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4694

Description: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office XP and Office 2003 allows user-assisted attackers to execute arbitrary code via a crafted record in a PPT file, as exploited by malware such as Exploit:Win32/Controlppt.W, Exploit:Win32/Controlppt.X, and Exploit-PPT.d/Trojan.PPDropper.F. NOTE: it has been reported that the attack vector involves SlideShowWindows.View.GotoNamedShow.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/29225 ST 1016937 SAID Secunia Advisory: SA22127 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:269 OSVDB 29259 MS http://www.microsoft.com/technet/security/Bulletin/MS06-058.mspx MISC http://www.microsoft.com/technet/security/advisory/925984.mspx http://www.avertlabs.com/research/blog/?p=95 http://vil.nai.com/vil/content/v_140666.htm HP http://www.securityfocus.com/archive/1/archive/1/449179/100/0/threaded CERT-VN 231204 CERT http://www.us-cert.gov/cas/techalerts/TA06-283A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447831/100/0/threaded BID 20226

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Linux Kernel LDT Buffer Size Handling Vulnerability

2.	OpenBSD BIND Query Port DNS Cache Poisoning

3.	Apple Safari Cross-Domain Cookie Injection Vulnerability

4.	Drupal Session Fixation Vulnerability

5.	Red Hat update for thunderbird

6.	Debian update for clamav

7.	Red Hat update for kernel

8.	Slackware update for dnsmasq

9.	Ubuntu update for php

10.	IPCop update for perl