CVE-2006-6561

EXPLOITED

Microsoft Word <2003 - RCE

Title source: llm

Description

Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and CVE-2006-6456.

Exploits (1)

exploitdb WRITEUP

doswindows

https://www.exploit-db.com/exploits/2922

View Code ZIP pw:eip

References (12)

[Various Sources] http://blogs.securiteam.com/?p=763

[Various Sources] http://blogs.technet.com/msrc/archive/2006/12/15/update-on-current-word-vulnerability-reports.aspx

[Vendor Advisory] http://research.eeye.com/html/alerts/zeroday/20061212.html

[Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/996892

[Exploit] http://www.milw0rm.com/sploits/12122006-djtest.doc

[Exploit] http://www.securityfocus.com/archive/1/454219/30/0/threaded

[Vendor Advisory] http://www.securityfocus.com/bid/21589

[Vendor Advisory] http://www.vupen.com/english/advisories/2006/4997

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A332

[Various Sources] http://www.infoworld.com/article/06/12/13/HNthirdword_1.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/30885

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1017390

Scores

EPSS 0.7143

EPSS Percentile 98.7%

Details

VulnCheck KEV 2007-02-13

Status published

Products (11)

microsoft/office 2000 sp3

microsoft/office 2003 sp2

microsoft/office 2004

microsoft/office xp sp3

microsoft/word 2000

microsoft/word 2002

microsoft/word 2003

microsoft/word_viewer 2003

microsoft/works 2004

microsoft/works 2005

... and 1 more

Published Dec 14, 2006

Tracked Since Feb 18, 2026