#VU1205 Buffer overflow in Microsoft Office for macOS - CVE-2006-4693
Published: December 5, 2016
Vulnerability identifier: #VU1205
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2006-4693
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Microsoft Office for macOS
Microsoft Office for macOS
Software vendor:
Microsoft
Microsoft
Description
The vulnerability allows a remote user to execute arbitrary code on the target system.
The weakness is due to buffer overflow. An attacker could exploit this vulnerability when Word for Mac parses a specially crafted file that contains a malformed string.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
The weakness is due to buffer overflow. An attacker could exploit this vulnerability when Word for Mac parses a specially crafted file that contains a malformed string.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Remediation
Microsoft Office 2004 for Mac - https://www.microsoft.com/mac/
Microsoft Office v. X for Mac - https://www.microsoft.com/mac/
Microsoft Office v. X for Mac - https://www.microsoft.com/mac/