Vulnerabilities > CVE-2006-3590 - Unspecified vulnerability in Microsoft Powerpoint 2000/2002/2003

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
microsoft
nessus
NVD
Published: 2006-07-14
Updated: 2024-11-21

Summary

mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493.

Vulnerable Configurations

Part Description Count
Application
Microsoft
5

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS06-048.NASL
descriptionThe remote host is running a version of Microsoft Office that could allow arbitrary code execution. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have him open it with Microsoft Office.
last seen2020-06-01
modified2020-06-02
plugin id22190
published2006-08-08
reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/22190
titleMS06-048: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922968)

Oval

accepted2012-05-28T04:01:41.229-04:00
classvulnerability
contributors
  • nameRobert L. Hollis
    organizationThreatGuard, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
definition_extensions
  • commentMicrosoft PowerPoint 2000 is installed
    ovaloval:org.mitre.oval:def:696
  • commentMicrosoft PowerPoint 2002 is installed
    ovaloval:org.mitre.oval:def:305
  • commentMicrosoft PowerPoint 2003 is installed
    ovaloval:org.mitre.oval:def:666
descriptionmso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493.
familywindows
idoval:org.mitre.oval:def:399
statusaccepted
submitted2006-08-11T12:53:40
titleMicrosoft PowerPoint Mso.dll Vulnerability
version9

References