QwikSec

Security Database

CVE

CWE

Training

CVE-2006-3590

Published: Jul 14, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_MS

third-party-advisory

x_refsource_SECUNIA

http://isc.sans.org/diary.php?storyid=1484

x_refsource_MISC

http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html

x_refsource_MISC

http://blogs.securiteam.com/?p=508

x_refsource_MISC

20060718 New PowerPoint Trojan installs itself as LSP

mailing-list

x_refsource_BUGTRAQ

20060716 Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs

mailing-list

x_refsource_BUGTRAQ

powerpoint-mso-code-execution2(27781)

vdb-entry

x_refsource_XF

20060714 Microsoft PowerPoint 0-day Vulnerability FAQ document written

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_CERT

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_CERT-VN

vdb-entry

x_refsource_OSVDB

powerpoint-mso-code-execution(27740)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

oval:org.mitre.oval:def:399

vdb-entry

signature

x_refsource_OVAL

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.