Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-5296Microsoft Powerpoint vulnerability

5 documents4 sources
Severity
4.3MEDIUMNVD
CNA9.3
EPSS
67.8%
top 1.41%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Powerpoint
Timeline
PublishedOct 16
Latest updateMay 1

Description

PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted PowerPoint (.PPT) file, as demonstrated by Nanika.ppt, and a different vulnerability than CVE-2006-3435, CVE-2006-3876, CVE-2006-3877, and CVE-2006-4694. NOTE: the impact of this issue was originally claimed to be arbitrary code execution, but later a

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-4qf8-jx39-2cv9: PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assi2022-05-01
CVEList
CVE-2006-5296: PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assi2006-10-16

💥Exploits & PoCs

2
Exploit-DB
Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC)2006-10-12
Exploit-DB
Microsoft Internet Explorer 7.0 Beta 2 - 'urlmon.dll' Denial of Service2006-02-07
CVE-2006-5296 — Microsoft Powerpoint vulnerability | cvebase