cbcvebase.
CVE-2006-4694
published 2006-09-27

CVE-2006-4694: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office XP and Office 2003 allows user-assisted attackers to execute arbitrary code via a…

PriorityP268critical9.3CVSS 2.0
AVNACMAuNCCICAC
ITWVulnCheck KEV
Exploited in the wild
EPSS
12.46%
95.7th percentile
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office XP and Office 2003 allows user-assisted attackers to execute arbitrary code via a crafted record in a PPT file, as exploited by malware such as Exploit:Win32/Controlppt.W, Exploit:Win32/Controlppt.X, and Exploit-PPT.d/Trojan.PPDropper.F. NOTE: it has been reported that the attack vector involves SlideShowWindows.View.GotoNamedShow.

Affected

37 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftaccess
microsoftaccess
microsoftaccess
microsoftexcel
microsoftexcel
microsoftexcel
microsoftexcel_viewer
microsoftfrontpage
microsoftfrontpage
microsoftfrontpage
microsoftinfopath
microsoftoffice
microsoftoffice
microsoftoffice
microsoftoffice
microsoftoffice
microsoftoffice
microsoftonenote
microsoftoutlook
microsoftoutlook
microsoftoutlook
microsoftpowerpoint
microsoftpowerpoint
microsoftpowerpoint
microsoftpowerpoint

CVSS provenance

nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.