Executive Summary

TitleVulnerability in PowerPoint Could Allow Remote Code Execution
NameKB925984First vendor Publication2006-09-27
VendorMicrosoftLast vendor Modification2006-10-10
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores


Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS06-058 to address this issue. For more information about this issue, including download links for an available security update, please review MS06-058. The vulnerability addressed is the PowerPoint Malformed Record Vulnerability - CVE-2006-4694.

Original Source

Url : http://www.microsoft.com/technet/security/advisory/925984.mspx

CWE : Common Weakness Enumeration

100 %CWE-94Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:269
Oval ID: oval:org.mitre.oval:def:269
Title: Microsoft PowerPoint Malformed Record Vulnerability
Description: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office XP and Office 2003 allows user-assisted attackers to execute arbitrary code via a crafted record in a PPT file, as exploited by malware such as Exploit:Win32/Controlppt.W, Exploit:Win32/Controlppt.X, and Exploit-PPT.d/Trojan.PPDropper.F. NOTE: it has been reported that the attack vector involves SlideShowWindows.View.GotoNamedShow.
Family: windows Class: vulnerability
Reference(s): CVE-2006-4694
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): Microsoft PowerPoint
Definition Synopsis:

CPE : Common Platform Enumeration


SAINT Exploits

Microsoft PowerPoint NamedShows record code executionMore info here

Open Source Vulnerability Database (OSVDB)

29259Microsoft PowerPoint PPT Unspecified Arbitrary Code Execution

Snort® IPS/IDS

2014-01-10Microsoft Office PowerPoint malformed NamedShows record code execution attempt
RuleID : 17497 - Revision : 17 - Type : FILE-OFFICE
2014-01-10Microsoft Office PowerPoint malformed NamedShows record code execution attempt
RuleID : 17496 - Revision : 17 - Type : FILE-OFFICE

Nessus® Vulnerability Scanner

2006-10-11Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms_office_oct2006.nasl - Type : ACT_GATHER_INFO
2006-10-10Name : Arbitrary code can be executed on the remote host through Microsoft PowerPoint.
File : smb_nt_ms06-058.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
2013-05-11 12:20:22
  • Multiple Updates