CVE-2006-6456
First published: Mon Dec 11 2006(Updated: )
Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office | =2000-sp3 | |
| Microsoft Office | =2003-sp2 | |
| Microsoft Office | =2004 | |
| Microsoft Office | =xp-sp3 | |
| Microsoft Office Word | =2000 | |
| Microsoft Office Word | =2002 | |
| Microsoft Office Word | =2003 | |
| Microsoft Office Word Viewer | =2003 | |
| Microsoft Works Suite | =2004 | |
| Microsoft Works Suite | =2005 | |
| Microsoft Works Suite | =2006 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://isc.sans.org/diary.php?storyid=1925
- http://vil.mcafeesecurity.com/vil/content/v_141056.htm
- http://vil.mcafeesecurity.com/vil/content/v_vul27249.htm
- http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx
- http://www.kb.cert.org/vuls/id/166700
- http://secunia.com/advisories/23205
- http://securitytracker.com/id?1017358
- http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0199.html
- http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0215.html
- http://www.osvdb.org/30825
- http://www.securityfocus.com/bid/21518
- http://securitytracker.com/id?1017579
- http://www.us-cert.gov/cas/techalerts/TA07-044A.html
- http://www.vupen.com/english/advisories/2006/4920
- http://www.vupen.com/english/advisories/2007/0435
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30806
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A746
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-014
- http://www.securityfocus.com/archive/1/454093/100/0/threaded
- http://www.securityfocus.com/archive/1/454072/100/0/threaded
- http://www.securityfocus.com/archive/1/454069/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-6456?
CVE-2006-6456 has a high severity level due to its potential to allow remote code execution.
How do I fix CVE-2006-6456?
To fix CVE-2006-6456, ensure that you have applied the latest security updates from Microsoft for affected versions of Word and Word Viewer.
Which software is affected by CVE-2006-6456?
CVE-2006-6456 affects Microsoft Word 2000, 2002, 2003, and Word Viewer 2003 among other specific Microsoft Office and Works software.
Can CVE-2006-6456 be exploited remotely?
Yes, CVE-2006-6456 can be exploited remotely through malformed data structures that trigger memory corruption.
What versions of Microsoft Word are impacted by CVE-2006-6456?
CVE-2006-6456 impacts Microsoft Word versions 2000, 2002, and 2003, along with related applications.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/microsoft office
- version/microsoft office/2000-sp3
- version/microsoft office/2003-sp2
- version/microsoft office/2004
- version/microsoft office/xp-sp3
- canonical/microsoft office word
- version/microsoft office word/2000
- version/microsoft office word/2002
- version/microsoft office word/2003
- canonical/microsoft office word viewer
- version/microsoft office word viewer/2003
- canonical/microsoft works suite
- version/microsoft works suite/2004
- version/microsoft works suite/2005
- version/microsoft works suite/2006