Vulnerability-Lookup

CVE-2006-3590 (GCVE-0-2006-3590)

Vulnerability from cvelistv5 – Published: 2006-07-14 22:00 – Updated: 2024-08-07 18:30

Summary

mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://secunia.com/advisories/21040	third-party-advisoryx_refsource_SECUNIA
	http://isc.sans.org/diary.php?storyid=1484	x_refsource_MISC
	http://securityresponse.symantec.com/avcenter/ven…	x_refsource_MISC
	http://blogs.securiteam.com/?p=508	x_refsource_MISC
	http://www.securityfocus.com/archive/1/440532/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/440255/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/440137/100…	mailing-listx_refsource_BUGTRAQ
	http://www.us-cert.gov/cas/techalerts/TA06-220A.html	third-party-advisoryx_refsource_CERT
	http://www.vupen.com/english/advisories/2006/2795	vdb-entryx_refsource_VUPEN
	http://securitytracker.com/id?1016496	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/936945	third-party-advisoryx_refsource_CERT-VN
	http://www.osvdb.org/27324	vdb-entryx_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/18957	vdb-entryx_refsource_BID
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:30:34.516Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MS06-048",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048"
          },
          {
            "name": "21040",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21040"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isc.sans.org/diary.php?storyid=1484"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blogs.securiteam.com/?p=508"
          },
          {
            "name": "20060718 New PowerPoint Trojan installs itself as LSP",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/440532/100/0/threaded"
          },
          {
            "name": "20060716 Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/440255/100/0/threaded"
          },
          {
            "name": "powerpoint-mso-code-execution2(27781)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27781"
          },
          {
            "name": "20060714 Microsoft PowerPoint 0-day Vulnerability FAQ document written",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/440137/100/0/threaded"
          },
          {
            "name": "TA06-220A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
          },
          {
            "name": "ADV-2006-2795",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2795"
          },
          {
            "name": "1016496",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016496"
          },
          {
            "name": "VU#936945",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/936945"
          },
          {
            "name": "27324",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/27324"
          },
          {
            "name": "powerpoint-mso-code-execution(27740)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27740"
          },
          {
            "name": "18957",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18957"
          },
          {
            "name": "oval:org.mitre.oval:def:399",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-13T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T18:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MS06-048",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048"
        },
        {
          "name": "21040",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21040"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isc.sans.org/diary.php?storyid=1484"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blogs.securiteam.com/?p=508"
        },
        {
          "name": "20060718 New PowerPoint Trojan installs itself as LSP",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/440532/100/0/threaded"
        },
        {
          "name": "20060716 Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/440255/100/0/threaded"
        },
        {
          "name": "powerpoint-mso-code-execution2(27781)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27781"
        },
        {
          "name": "20060714 Microsoft PowerPoint 0-day Vulnerability FAQ document written",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/440137/100/0/threaded"
        },
        {
          "name": "TA06-220A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
        },
        {
          "name": "ADV-2006-2795",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2795"
        },
        {
          "name": "1016496",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016496"
        },
        {
          "name": "VU#936945",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/936945"
        },
        {
          "name": "27324",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/27324"
        },
        {
          "name": "powerpoint-mso-code-execution(27740)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27740"
        },
        {
          "name": "18957",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18957"
        },
        {
          "name": "oval:org.mitre.oval:def:399",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3590",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MS06-048",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048"
            },
            {
              "name": "21040",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21040"
            },
            {
              "name": "http://isc.sans.org/diary.php?storyid=1484",
              "refsource": "MISC",
              "url": "http://isc.sans.org/diary.php?storyid=1484"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html",
              "refsource": "MISC",
              "url": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html"
            },
            {
              "name": "http://blogs.securiteam.com/?p=508",
              "refsource": "MISC",
              "url": "http://blogs.securiteam.com/?p=508"
            },
            {
              "name": "20060718 New PowerPoint Trojan installs itself as LSP",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/440532/100/0/threaded"
            },
            {
              "name": "20060716 Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/440255/100/0/threaded"
            },
            {
              "name": "powerpoint-mso-code-execution2(27781)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27781"
            },
            {
              "name": "20060714 Microsoft PowerPoint 0-day Vulnerability FAQ document written",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/440137/100/0/threaded"
            },
            {
              "name": "TA06-220A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
            },
            {
              "name": "ADV-2006-2795",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2795"
            },
            {
              "name": "1016496",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016496"
            },
            {
              "name": "VU#936945",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/936945"
            },
            {
              "name": "27324",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/27324"
            },
            {
              "name": "powerpoint-mso-code-execution(27740)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27740"
            },
            {
              "name": "18957",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18957"
            },
            {
              "name": "oval:org.mitre.oval:def:399",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3590",
    "datePublished": "2006-07-14T22:00:00.000Z",
    "dateReserved": "2006-07-14T04:00:00.000Z",
    "dateUpdated": "2024-08-07T18:30:34.516Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2006-AVI-346

Vulnerability from certfr_avis - Published: 2006-08-09 - Updated: 2006-08-09

Plusieurs vulnérabilités ont été identifiées dans Microsoft Office Powerpoint. Une personne malveillante peut construire des documents Powerpoint exploitant l'une d'elles afin d'exécuter des commandes arbitraires lorsqu'ils seront ouverts sur le système ayant une version vulnérable.

Description

Cet avis fait suite à la mise à jour de l'alerte CERTA-2006-ALE-009-002.

Plusieurs vulnérabilités ont été identifiées dans le logiciel de présentations Microsoft Office Powerpoint. L'une d'elles concerne la bibliothèque mso.dll utilisée par la suite Office.

Pour exploiter celles-ci, un utilisateur malveillant doit construire un document Powerpoint particulier, puis le distribuer (par courrier électronique, par lien dans une page Web, etc). Si un utilisateur l'ouvre sur un système vulnérable, il est alors possible d'exécuter des commandes arbitraires avec les droits de ce dernier.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Microsoft Powerpoint 2000 dans Office 2000 Service Pack 3 ;
Microsoft Powerpoint 2002 dans Office XP Service Pack 3 ;
Microsoft Powerpoint 2003 dans Office 2003 (Service Pack 1 ou 2) ;
Microsoft Powerpoint 2004 dans Office 2004 pour Mac ;
Microsoft Powerpoint v.X dans Office v.X pour Mac.

La visionneuse Microsoft Powerpoint 2003 n'est pas affectée par ces vulnérabilités, ainsi que les produits de Microsoft Works Suite.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS06-048 du 08 août 2006	None	vendor-advisory
Référence à l'alerte CERTA CERTA-ALE-2006-009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cUL\u003e    \u003cLI\u003eMicrosoft Powerpoint 2000 dans Office 2000 Service Pack 3    ;\u003c/LI\u003e    \u003cLI\u003eMicrosoft Powerpoint 2002 dans Office XP Service Pack 3    ;\u003c/LI\u003e    \u003cLI\u003eMicrosoft Powerpoint 2003 dans Office 2003 (Service Pack 1    ou 2) ;\u003c/LI\u003e    \u003cLI\u003eMicrosoft Powerpoint 2004 dans Office 2004 pour Mac ;\u003c/LI\u003e    \u003cLI\u003eMicrosoft Powerpoint v.X dans Office v.X pour Mac.\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eLa visionneuse Microsoft Powerpoint 2003 n\u0027est pas affect\u00e9e  par ces vuln\u00e9rabilit\u00e9s, ainsi que les produits de Microsoft Works  Suite.\u003c/P\u003e",
  "content": "## Description\n\nCet avis fait suite \u00e0 la mise \u00e0 jour de l\u0027alerte CERTA-2006-ALE-009-002.\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le logiciel de\npr\u00e9sentations Microsoft Office Powerpoint. L\u0027une d\u0027elles concerne la\nbiblioth\u00e8que mso.dll utilis\u00e9e par la suite Office.\n\nPour exploiter celles-ci, un utilisateur malveillant doit construire un\ndocument Powerpoint particulier, puis le distribuer (par courrier\n\u00e9lectronique, par lien dans une page Web, etc). Si un utilisateur\nl\u0027ouvre sur un syst\u00e8me vuln\u00e9rable, il est alors possible d\u0027ex\u00e9cuter des\ncommandes arbitraires avec les droits de ce dernier.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3449"
    },
    {
      "name": "CVE-2006-3590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3590"
    }
  ],
  "initial_release_date": "2006-08-09T00:00:00",
  "last_revision_date": "2006-08-09T00:00:00",
  "links": [
    {
      "title": "R\u00e9f\u00e9rence \u00e0 l\u0027alerte CERTA CERTA-ALE-2006-009 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-ALE-009/"
    }
  ],
  "reference": "CERTA-2006-AVI-346",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-08-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans Microsoft Office\nPowerpoint. Une personne malveillante peut construire des documents\nPowerpoint exploitant l\u0027une d\u0027elles afin d\u0027ex\u00e9cuter des commandes\narbitraires lorsqu\u0027ils seront ouverts sur le syst\u00e8me ayant une version\nvuln\u00e9rable.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Office, dont Powerpoint",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-048 du 08 ao\u00fbt 2006",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS06-048.mspx"
    }
  ]
}

GSD-2006-3590

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-3590

Aliases

CVE-2006-3590

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-3590",
    "description": "mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493.",
    "id": "GSD-2006-3590"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-3590"
      ],
      "details": "mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493.",
      "id": "GSD-2006-3590",
      "modified": "2023-12-13T01:19:56.946254Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-3590",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "MS06-048",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048"
          },
          {
            "name": "21040",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21040"
          },
          {
            "name": "http://isc.sans.org/diary.php?storyid=1484",
            "refsource": "MISC",
            "url": "http://isc.sans.org/diary.php?storyid=1484"
          },
          {
            "name": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html",
            "refsource": "MISC",
            "url": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html"
          },
          {
            "name": "http://blogs.securiteam.com/?p=508",
            "refsource": "MISC",
            "url": "http://blogs.securiteam.com/?p=508"
          },
          {
            "name": "20060718 New PowerPoint Trojan installs itself as LSP",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/440532/100/0/threaded"
          },
          {
            "name": "20060716 Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/440255/100/0/threaded"
          },
          {
            "name": "powerpoint-mso-code-execution2(27781)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27781"
          },
          {
            "name": "20060714 Microsoft PowerPoint 0-day Vulnerability FAQ document written",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/440137/100/0/threaded"
          },
          {
            "name": "TA06-220A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
          },
          {
            "name": "ADV-2006-2795",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/2795"
          },
          {
            "name": "1016496",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016496"
          },
          {
            "name": "VU#936945",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/936945"
          },
          {
            "name": "27324",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/27324"
          },
          {
            "name": "powerpoint-mso-code-execution(27740)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27740"
          },
          {
            "name": "18957",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/18957"
          },
          {
            "name": "oval:org.mitre.oval:def:399",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:powerpoint:2000:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:powerpoint:2003:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:powerpoint:2003:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:powerpoint:2003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3590"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html"
            },
            {
              "name": "http://isc.sans.org/diary.php?storyid=1484",
              "refsource": "MISC",
              "tags": [],
              "url": "http://isc.sans.org/diary.php?storyid=1484"
            },
            {
              "name": "http://blogs.securiteam.com/?p=508",
              "refsource": "MISC",
              "tags": [],
              "url": "http://blogs.securiteam.com/?p=508"
            },
            {
              "name": "VU#936945",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/936945"
            },
            {
              "name": "18957",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/18957"
            },
            {
              "name": "1016496",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016496"
            },
            {
              "name": "21040",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/21040"
            },
            {
              "name": "27324",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/27324"
            },
            {
              "name": "TA06-220A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
            },
            {
              "name": "ADV-2006-2795",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2795"
            },
            {
              "name": "powerpoint-mso-code-execution2(27781)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27781"
            },
            {
              "name": "powerpoint-mso-code-execution(27740)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27740"
            },
            {
              "name": "oval:org.mitre.oval:def:399",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399"
            },
            {
              "name": "MS06-048",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048"
            },
            {
              "name": "20060718 New PowerPoint Trojan installs itself as LSP",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/440532/100/0/threaded"
            },
            {
              "name": "20060716 Several updates in MS PowerPoint 0-day Vulnerability FAQ at SecuriTeam Blogs",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/440255/100/0/threaded"
            },
            {
              "name": "20060714 Microsoft PowerPoint 0-day Vulnerability FAQ document written",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/440137/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-18T16:48Z",
      "publishedDate": "2006-07-14T18:05Z"
    }
  }
}

FKIE_CVE-2006-3590

Vulnerability from fkie_nvd - Published: 2006-07-14 18:05 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://blogs.securiteam.com/?p=508
cve@mitre.org	http://isc.sans.org/diary.php?storyid=1484
cve@mitre.org	http://secunia.com/advisories/21040	Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html
cve@mitre.org	http://securitytracker.com/id?1016496
cve@mitre.org	http://www.kb.cert.org/vuls/id/936945	US Government Resource
cve@mitre.org	http://www.osvdb.org/27324
cve@mitre.org	http://www.securityfocus.com/archive/1/440137/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/440255/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/440532/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/18957
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA06-220A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2795	Vendor Advisory
cve@mitre.org	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27740
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27781
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399
af854a3a-2127-422b-91ae-364da2661108	http://blogs.securiteam.com/?p=508
af854a3a-2127-422b-91ae-364da2661108	http://isc.sans.org/diary.php?storyid=1484
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21040	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016496
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/936945	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/27324
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/440137/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/440255/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/440532/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18957
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA06-220A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2795	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27740
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27781
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399

Impacted products

Vendor	Product	Version
microsoft	powerpoint	2000
microsoft	powerpoint	2002
microsoft	powerpoint	2003
microsoft	powerpoint	2003
microsoft	powerpoint	2003

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:powerpoint:2000:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E392539-ABF6-4B5C-AEC3-C54B51E0DB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:powerpoint:2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "711D9CC0-31B8-4511-A9F3-CA328A02ED84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:powerpoint:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5611EFD-2C7C-47BA-83E5-947EA00D8E6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:powerpoint:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "8A83E4CC-3182-465A-BE82-619445B23EEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:powerpoint:2003:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "EACB44AC-9433-4D28-9EC4-1F6857C3A57D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493."
    },
    {
      "lang": "es",
      "value": "mso.dll, usado por Microsoft PowerPoint 2000 a 2003, permite a atacantes remotos con la complicidad del usuario ejecutar \u00f3rdenes de su elecci\u00f3n mediante la configuraci\u00f3n de la forma malformado en un fichero PPT , lo que causa una corrupci\u00f3n de memoria, explotado por Trojan.PPDropper.B, un asunto diferente que CVE-2006-1540 y CVE-2006-3493.\r\n"
    }
  ],
  "id": "CVE-2006-3590",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-07-14T18:05:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://blogs.securiteam.com/?p=508"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://isc.sans.org/diary.php?storyid=1484"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21040"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016496"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/936945"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/27324"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/440137/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/440255/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/440532/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/18957"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2795"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27740"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27781"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blogs.securiteam.com/?p=508"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://isc.sans.org/diary.php?storyid=1484"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016496"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/936945"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/27324"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/440137/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/440255/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/440532/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18957"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2795"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27781"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2006-ALE-009

Vulnerability from certfr_alerte - Published: 2006-07-15 - Updated: 2006-08-09

Une vulnérabilité non corrigée dans une librairie de Microsoft Office permettrait à un utilisateur mal intentionné d'exécuter du code arbitraire ou de provoquer un déni de service à distance. Un code en circulation exploite cette vulnérabilité par le biais de documents Powerpoint.

Description

Les fonctions mso (Microsoft Office) sont des fonctions spéciales disponibles dans la librairie mso.dll d'Office. Elles s'occupent par exemple des affichages de bulles, des barres de menu, des boîtes de dialogue, etc. Ces fonctions sont appelées par plusieurs applications de Microsoft Office, notamment Word ou Powerpoint.

Une vulnérabilité a été identifiée dans la librairie mso.dll. Elle fait l'objet d'une utilisation par du code malveillant sur l'Internet. Elle est exploitée par le biais d'un document Powerpoint.

Powerpoint serait également impacté par deux autres vulnérabilités. Cette information n'est pas confirmée pour le moment.

Contournement provisoire

5.1 Utiliser les visionneuses Office dans la mesure du possible

La visionneuse de documents Powerpoint ne serait pas affectée par les vulnérabilités précédentes.

5.2 Mettre à jour la base de signatures d'antivirus

Certains éditeurs d'antivirus proposent déjà des mises à jour de signatures prenant en compte le code malveillant sous sa forme actuelle. Il est cependant probable que des variantes apparaissent afin de contourner ces signatures.

5.3 Filter les pièces jointes au niveau de la passerelle de la messagerie

Les passerelles de messagerie offrent le plus souvent la possibilité de filtrer les documents en pièce jointe. Dans les cas les plus simples, elles se basent sur l'extension du nom du fichier. Dans la mesure du possible, il est conseillé de filtrer les extensions .ppt venant de domaines externes.

5.4 Ouvrir les documents provenant de sources de confiance

A la réception d'un document Office (au format .ppt compte tenu du code malveillant actuel), soit par le biais de la messagerie électronique ou sur tout autre support, il est nécessaire de s'assurer de la provenance de ce fichier et de ne l'ouvrir que si la source est de confiance.

Solution

Appliquer le correctif MS06-048 de l'éditeur Microsoft (Cf. section documentation).

Microsoft Powerpoint dans Microsoft Office XP ;
Microsoft Powerpoint 2002 dans Microsoft Office 2003 ;
Microsoft Powerpoint 2003 dans 0ffice 2000 ;
Microsoft Powerpoint dans Office 2004 pour MacOS.

Microsoft Office concerne une suite d'applications, incluant Excel, FrontPage, Outlook, Powerpoint, Publisher et Word.

La visionneuse de documents Powerpoint (Microsoft Powerpoint Viewer) ne serait pas affectée par cette vulnérabilité.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Téléchargement de la visionneuse Microsoft Powerpoint :	-	other
Bulletin de sécurité Microsoft MS06-048 du 08 août 2006 :	-	other
Avis CERTA CERTA-2006-AVI-346 du 09 août 2006 :	-	other
Memento du CERTA sur les virus informatiques :	-	other
Bulletin de sécurité Microsoft MS06-048 du 08 août 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cUL\u003e    \u003cLI\u003eMicrosoft Powerpoint dans Microsoft Office XP ;\u003c/LI\u003e    \u003cLI\u003eMicrosoft Powerpoint 2002 dans Microsoft Office 2003 ;\u003c/LI\u003e    \u003cLI\u003eMicrosoft Powerpoint 2003 dans 0ffice 2000 ;\u003c/LI\u003e    \u003cLI\u003eMicrosoft Powerpoint dans Office 2004 pour MacOS.\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eMicrosoft Office concerne une suite d\u0027applications, incluant  Excel, FrontPage, Outlook, Powerpoint, Publisher et Word.\u003c/P\u003e  \u003cP\u003eLa visionneuse de documents Powerpoint (\u003cTT\u003eMicrosoft  Powerpoint Viewer\u003c/TT\u003e) ne serait pas affect\u00e9e par cette  vuln\u00e9rabilit\u00e9.\u003c/P\u003e",
  "closed_at": "2006-08-09",
  "content": "## Description\n\nLes fonctions mso (Microsoft Office) sont des fonctions sp\u00e9ciales\ndisponibles dans la librairie mso.dll d\u0027Office. Elles s\u0027occupent par\nexemple des affichages de bulles, des barres de menu, des bo\u00eetes de\ndialogue, etc. Ces fonctions sont appel\u00e9es par plusieurs applications de\nMicrosoft Office, notamment Word ou Powerpoint.\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la librairie mso.dll. Elle fait\nl\u0027objet d\u0027une utilisation par du code malveillant sur l\u0027Internet. Elle\nest exploit\u00e9e par le biais d\u0027un document Powerpoint.\n\nPowerpoint serait \u00e9galement impact\u00e9 par deux autres vuln\u00e9rabilit\u00e9s.\nCette information n\u0027est pas confirm\u00e9e pour le moment.\n\n## Contournement provisoire\n\n## 5.1 Utiliser les visionneuses Office dans la mesure du possible\n\nLa visionneuse de documents Powerpoint ne serait pas affect\u00e9e par les\nvuln\u00e9rabilit\u00e9s pr\u00e9c\u00e9dentes.\n\n## 5.2 Mettre \u00e0 jour la base de signatures d\u0027antivirus\n\nCertains \u00e9diteurs d\u0027antivirus proposent d\u00e9j\u00e0 des mises \u00e0 jour de\nsignatures prenant en compte le code malveillant sous sa forme actuelle.\nIl est cependant probable que des variantes apparaissent afin de\ncontourner ces signatures.\n\n## 5.3 Filter les pi\u00e8ces jointes au niveau de la passerelle de la messagerie\n\nLes passerelles de messagerie offrent le plus souvent la possibilit\u00e9 de\nfiltrer les documents en pi\u00e8ce jointe. Dans les cas les plus simples,\nelles se basent sur l\u0027extension du nom du fichier. Dans la mesure du\npossible, il est conseill\u00e9 de filtrer les extensions .ppt venant de\ndomaines externes.\n\n## 5.4 Ouvrir les documents provenant de sources de confiance\n\nA la r\u00e9ception d\u0027un document Office (au format .ppt compte tenu du code\nmalveillant actuel), soit par le biais de la messagerie \u00e9lectronique ou\nsur tout autre support, il est n\u00e9cessaire de s\u0027assurer de la provenance\nde ce fichier et de ne l\u0027ouvrir que si la source est de confiance.\n\n## Solution\n\nAppliquer le correctif MS06-048 de l\u0027\u00e9diteur Microsoft (Cf. section\ndocumentation).\n",
  "cves": [
    {
      "name": "CVE-2006-3656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3656"
    },
    {
      "name": "CVE-2006-3590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3590"
    },
    {
      "name": "CVE-2006-3655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3655"
    },
    {
      "name": "CVE-2006-3660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3660"
    },
    {
      "name": "CVE-2006-3493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-3493"
    }
  ],
  "initial_release_date": "2006-07-15T00:00:00",
  "last_revision_date": "2006-08-09T00:00:00",
  "links": [
    {
      "title": "T\u00e9l\u00e9chargement de la visionneuse Microsoft Powerpoint :",
      "url": "http://www.microsoft.com/downloads/Products.aspx?displaylang=fr"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-048 du 08 ao\u00fbt 2006 :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS06-046.mspx"
    },
    {
      "title": "Avis CERTA CERTA-2006-AVI-346 du 09 ao\u00fbt 2006 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2006-AVI-346/"
    },
    {
      "title": "Memento du CERTA sur les virus informatiques :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2005-MEM-001.pdf"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-048 du 08 ao\u00fbt 2006 :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS06-048.mspx"
    }
  ],
  "reference": "CERTA-2006-ALE-009",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-07-15T00:00:00.000000"
    },
    {
      "description": "ajout de r\u00e9f\u00e9rences.",
      "revision_date": "2006-07-18T00:00:00.000000"
    },
    {
      "description": "ajout du correctif MS06-048 de Microsoft et de l\u0027avis CERTA-2006-AVI-346.",
      "revision_date": "2006-08-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 non corrig\u00e9e dans une librairie de Microsoft Office\npermettrait \u00e0 un utilisateur mal intentionn\u00e9 d\u0027ex\u00e9cuter du code\narbitraire ou de provoquer un d\u00e9ni de service \u00e0 distance. Un code en\ncirculation exploite cette vuln\u00e9rabilit\u00e9 par le biais de documents\nPowerpoint.\n",
  "title": "Vuln\u00e9rabilit\u00e9 de la librairie MSO.DLL dans Microsoft Office",
  "vendor_advisories": []
}

GHSA-RH8H-GPVG-VG6Q

Vulnerability from github – Published: 2022-05-01 07:10 – Updated: 2022-05-01 07:10

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-3590"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-07-14T18:05:00Z",
    "severity": "MODERATE"
  },
  "details": "mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493.",
  "id": "GHSA-rh8h-gpvg-vg6q",
  "modified": "2022-05-01T07:10:36Z",
  "published": "2022-05-01T07:10:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3590"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-048"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27740"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27781"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A399"
    },
    {
      "type": "WEB",
      "url": "http://blogs.securiteam.com/?p=508"
    },
    {
      "type": "WEB",
      "url": "http://isc.sans.org/diary.php?storyid=1484"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21040"
    },
    {
      "type": "WEB",
      "url": "http://securityresponse.symantec.com/avcenter/venc/data/trojan.ppdropper.b.html"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016496"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/936945"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/27324"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/440137/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/440255/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/440532/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/18957"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/2795"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-3590 (GCVE-0-2006-3590)

CERTA-2006-AVI-346

Description

Solution

GSD-2006-3590

FKIE_CVE-2006-3590

CERTA-2006-ALE-009

Description

Contournement provisoire

5.1 Utiliser les visionneuses Office dans la mesure du possible

5.2 Mettre à jour la base de signatures d'antivirus

5.3 Filter les pièces jointes au niveau de la passerelle de la messagerie

5.4 Ouvrir les documents provenant de sources de confiance

Solution

GHSA-RH8H-GPVG-VG6Q

Tags

Sightings

Nomenclature