CVE-2006-3868 — Code Injection in Microsoft Office
Severity
9.3CRITICALNVD
NVD5.1
EPSS
54.5%
top 1.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 10
Latest updateMay 1
Description
Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to execute arbitrary code via a malformed Smart Tag.
CVSS vector
AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4
Affected Packages3 packages
🔴Vulnerability Details
3GHSA▶
GHSA-q87w-c2j6-95xj: Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to execute arbitrary code via a malformed Smart Tag↗2022-05-01