CVE-2006-3435 — Code Injection in Microsoft Access

CWE-94 — Code Injection8 documents2 sources

Severity

9.3CRITICALNVD

NVD4.3

EPSS

46.6%

top 2.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Access Microsoft Excel Microsoft Excel Viewer +11 more

Timeline

PublishedOct 10

Latest updateMay 1

Description

PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilities including CVE-2006-4694.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages14 packages

▶NVDmicrosoft/powerpoint4 versions+3

▶NVDmicrosoft/office6 versions+5

▶NVDmicrosoft/onenote2003

▶NVDmicrosoft/word2000, 2002, 2003+2

▶NVDmicrosoft/excel2000, 2002, 2003+2

🔴Vulnerability Details

GHSA

GHSA-j86v-2r4w-rjjr: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v↗2022-05-01

▶

GHSA

GHSA-4qf8-jx39-2cv9: PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assi↗2022-05-01

▶

GHSA

GHSA-rrw4-gpgf-m865: PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v↗2022-05-01

▶

GHSA

GHSA-4842-r7qr-qmjq: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v↗2022-05-01

▶