critical
9.3
CWE
94
Advisory Published
Updated

CVE-2006-3877: Code Injection

First published: Tue Oct 10 2006(Updated: )

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.

Credit: secure@microsoft.com

Affected SoftwareAffected VersionHow to fix
Microsoft Access 2010=2000
Microsoft Access 2010=2002
Microsoft Access 2010=2003
Microsoft Office Excel=2000
Microsoft Office Excel=2002
Microsoft Office Excel=2003
Microsoft Office Excel Viewer=2003
Microsoft Office FrontPage=2000
Microsoft Office FrontPage=2002
Microsoft Office FrontPage=2003
Microsoft InfoPath 2016=2003
Microsoft Office=2000-sp3
Microsoft Office=2003-sp2
Microsoft Office=2004
Microsoft Office=xp-sp3
Microsoft OneNote 2010=2003
Microsoft Outlook=2000
Microsoft Outlook=2002
Microsoft Outlook=2003
Microsoft PowerPoint 2010=2000
Microsoft PowerPoint 2010=2002
Microsoft PowerPoint 2010=2003
Microsoft PowerPoint 2010=2004
Microsoft Project 2010=2000-sr1
Microsoft Project 2010=2002-sp1
Microsoft Project 2010=2003
Microsoft Publisher 2010=2000
Microsoft Publisher 2010=2002
Microsoft Publisher 2010=2003
Microsoft Visio Standard=2002-sp2
Microsoft Visio Standard=2003
Microsoft Office Word=2000
Microsoft Office Word=2002
Microsoft Office Word=2003
Microsoft Office Word Viewer=2003
=2000
=2002
=2003
=2000
=2002
=2003
=2003
=2000
=2002
=2003
=2003
=2000-sp3
=2003-sp2
=2004
=xp-sp3
=2003
=2000
=2002
=2003
=2000
=2002
=2003
=2004
=2000-sr1
=2002-sp1
=2003
=2000
=2002
=2003
=2002-sp2
=2003
=2000
=2002
=2003
=2003

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2006-3877?

    CVE-2006-3877 is considered to have a high severity as it may allow attackers to execute arbitrary code on affected systems.

  • How do I fix CVE-2006-3877?

    To remediate CVE-2006-3877, users should apply the latest patches and updates provided by Microsoft for the affected Office products.

  • Which Microsoft products are affected by CVE-2006-3877?

    CVE-2006-3877 affects Microsoft Office 2000, 2002, 2003, and specific versions for Mac including Office 2004.

  • What kind of attacks does CVE-2006-3877 enable?

    CVE-2006-3877 enables user-assisted attacks potentially resulting in the execution of malicious code when opening crafted files.

  • Is CVE-2006-3877 related to other vulnerabilities?

    Yes, CVE-2006-3877 is a different vulnerability compared to CVE-2006-3435 and CVE-2006-4694, which also affect Microsoft Office products.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203