OpenCVE

Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Office

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:office:2000:::::::*
	cpe:2.3:a:microsoft:office:2000:::ja::::
	cpe:2.3:a:microsoft:office:2000:::ko::::
	cpe:2.3:a:microsoft:office:2000:::zh::::
	cpe:2.3:a:microsoft:office:2000:sp1::::::
	cpe:2.3:a:microsoft:office:2000:sp2::::::
	cpe:2.3:a:microsoft:office:2000:sp3::::::
	cpe:2.3:a:microsoft:office:2003::::student_teacher:::
	cpe:2.3:a:microsoft:office:2003:sp1::::::
	cpe:2.3:a:microsoft:office:2003:sp2::::::
	cpe:2.3:a:microsoft:office:2003:sp3::::::
	cpe:2.3:a:microsoft:office:2004:::::mac_os_x::
	cpe:2.3:a:microsoft:office:v.x:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/22339
http://securitytracker.com/id?1017034
http://www.kb.cert.org/vuls/id/234900
http://www.securityfocus.com/archive/1/449179/100/0/threaded
http://www.securityfocus.com/bid/20382
http://www.vupen.com/english/advisories/2006/3981
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-062
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A389

History

No history.

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2006-10-10T22:00:00

Updated: 2024-08-07T18:30:33.975Z

Reserved: 2006-07-07T00:00:00

Link: CVE-2006-3434

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-10-10T22:07:00.000

Modified: 2024-11-21T00:13:37.020

Link: CVE-2006-3434

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-10-10T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "VU#234900", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/234900"}, {"name": "oval:org.mitre.oval:def:389", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A389"}, {"name": "SSRT061264", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"}, {"name": "ADV-2006-3981", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3981"}, {"name": "MS06-062", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-062"}, {"name": "1017034", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017034"}, {"name": "HPSBST02161", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"}, {"name": "20382", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20382"}, {"name": "22339", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22339"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2006-3434", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#234900", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/234900"}, {"name": "oval:org.mitre.oval:def:389", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A389"}, {"name": "SSRT061264", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"}, {"name": "ADV-2006-3981", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3981"}, {"name": "MS06-062", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-062"}, {"name": "1017034", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017034"}, {"name": "HPSBST02161", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"}, {"name": "20382", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20382"}, {"name": "22339", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22339"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:30:33.975Z"}, "title": "CVE Program Container", "references": [{"name": "VU#234900", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/234900"}, {"name": "oval:org.mitre.oval:def:389", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A389"}, {"name": "SSRT061264", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"}, {"name": "ADV-2006-3981", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3981"}, {"name": "MS06-062", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-062"}, {"name": "1017034", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017034"}, {"name": "HPSBST02161", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"}, {"name": "20382", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20382"}, {"name": "22339", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22339"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2006-3434", "datePublished": "2006-10-10T22:00:00", "dateReserved": "2006-07-07T00:00:00", "dateUpdated": "2024-08-07T18:30:33.975Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:office:2000:*:*:*:*:*:*:*", "matchCriteriaId": "A9A82D13-513C-46FA-AF51-0582233E230A", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2000:*:*:ja:*:*:*:*", "matchCriteriaId": "757EC6C1-F5E2-45CD-9F7F-7760ECEDC842", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2000:*:*:ko:*:*:*:*", "matchCriteriaId": "59B1B68C-86F1-4FA4-9F82-3E8761ED1E74", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2000:*:*:zh:*:*:*:*", "matchCriteriaId": "716DDA05-D094-4837-852C-0511CDDD5ABC", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2000:sp1:*:*:*:*:*:*", "matchCriteriaId": "3C54DDAF-8D7F-4A7D-9186-6048D4C850B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2000:sp2:*:*:*:*:*:*", "matchCriteriaId": "67388076-420D-4327-A436-329177EA6F42", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*", "matchCriteriaId": "4891122F-AD7F-45E6-98C6-833227916F6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2003:*:*:*:student_teacher:*:*:*", "matchCriteriaId": "ADD36A6D-10D8-4E06-899A-70FF822DAD15", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:*", "matchCriteriaId": "4EED9D78-AE73-44BA-A1CE-603994E92E89", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*", "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*", "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2004:*:*:*:*:mac_os_x:*:*", "matchCriteriaId": "A78DC369-DCAE-4D75-8C33-0FFF108640F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:v.x:*:*:*:*:*:*:*", "matchCriteriaId": "310DF9B3-3494-4BD4-8A9D-82211EA6C518", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Microsoft Office 2000, XP, 2003, 2004 para Mac, y v.X para Mac permite a atacantes remotos con la complicidad del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante una cadena artesanal que dispara una corrupci\u00f3n de memoria."}], "id": "CVE-2006-3434", "lastModified": "2024-11-21T00:13:37.020", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2006-10-10T22:07:00.000", "references": [{"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/22339"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1017034"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/234900"}, {"source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"}, {"source": "secure@microsoft.com", "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/20382"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2006/3981"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-062"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A389"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/22339"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1017034"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/234900"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/20382"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2006/3981"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-062"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A389"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}