CVE-2006-4854 - ** REJECT ** Unspecified vulnerability in Microsoft Office 2000 (Chinese Edition) and Microsoft Pow

CVE-2006-4854

Summary

** REJECT ** Unspecified vulnerability in Microsoft Office 2000 (Chinese Edition) and Microsoft PowerPoint 2000 (Chinese Edition) allows user-assisted attackers to execute arbitrary code via a crafted PPT document, as exploited by malware such as Trojan.PPDropper.E. NOTE: on 20060919, Microsoft notified CVE that this is a duplicate of CVE-2006-0009.

References

Vulnerable Configurations

CVSS

Base:	5.0
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

refmap via4

bid	20059
fulldisc	20060919 New PowerPoint 0-day Trojan in the wild
misc	http://blogs.securiteam.com/?author=28 http://www.symantec.com/enterprise/security_response/weblog/2006/09/exploit_for_unpatched_vulnerab.html http://www.symantec.com/security_response/writeup.jsp?docid=2006-091810-5028-99
secunia	21978
vupen	ADV-2006-3678
xf	powerpoint-presentation-code-execution(29009)

Last major update

10-09-2008 - 20:30

Published

19-09-2006 - 18:07

Last modified

10-09-2008 - 20:30