Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-3647

Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word document, which overflows a 16-bit integer length value, aka "Memmove Code Execution," a different vulnerability than CVE-2006-3651 and CVE-2006-4693.

Published

2006-10-10T22:07:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 9.3 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Primary
CWE-189

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	microsoft	office	2000	Yes
Application	microsoft	office	2000	Yes
Application	microsoft	office	2000	Yes
Application	microsoft	office	2000	Yes
Application	microsoft	office	2000	Yes
Application	microsoft	office	2000	Yes
Application	microsoft	office	2000	Yes
Application	microsoft	office	2001	Yes
Application	microsoft	office	2001	Yes
Application	microsoft	office	2001	Yes
Application	microsoft	office	2003	Yes
Application	microsoft	office	2003	Yes
Application	microsoft	office	2003	Yes
Application	microsoft	office	2003	Yes
Application	microsoft	office	2004	Yes
Application	microsoft	office	v.x	Yes

References

http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0211.html Broken Link ([email protected])
http://securitytracker.com/id?1017032 Third Party Advisory, VDB Entry ([email protected])
http://www.osvdb.org/29440 Broken Link ([email protected])
http://www.securityfocus.com/archive/1/448417/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/449179/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/449179/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/20341 Third Party Advisory, VDB Entry ([email protected])
http://www.vupen.com/english/advisories/2006/3979 Vendor Advisory ([email protected])
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-060 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4 Third Party Advisory ([email protected])
http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0211.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1017032 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/29440 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/448417/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/449179/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/449179/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/20341 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/3979 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-060 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)