CVE-2006-3650

CVE-2006-3650 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a chart record, which allows remote user-assisted attackers to execute arbitrary code via a Word document with an embedded malformed chart record that triggers an overwrite of pointer values with values from the document, a different vulnerability than CVE-2006-3434, CVE-2006-3864, and CVE-2006-3868.

Learn more about our Cis Benchmark Audit For Microsoft Office.