CVE-2006-3877

CWE-94Code Injection3 documents3 sources
Severity
9.3CRITICAL
EPSS
38.8%
top 2.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
Microsoft AccessMicrosoft ExcelMicrosoft Excel Viewer+11 more
Timeline
PublishedOct 10
Latest updateMay 1

Description

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages14 packages

NVDmicrosoft/office4 versions+3
NVDmicrosoft/powerpoint4 versions+3
NVDmicrosoft/word2000, 2002, 2003+2
NVDmicrosoft/excel2000, 2002, 2003+2
NVDmicrosoft/visio2002, 2003+1

🔴Vulnerability Details

2
GHSA
GHSA-j86v-2r4w-rjjr: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v2022-05-01
CVEList
CVE-2006-3877: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v2006-10-10
CVE-2006-3877 (CRITICAL CVSS 9.3) | Unspecified vulnerability in PowerP | cvebase.io