CVE-2006-1311 - OpenCVE

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows 2000 Windows 2003 Server Office Windows Xp Learning Essentials

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:learning_essentials:1.0:::::::*
	cpe:2.3:a:microsoft:learning_essentials:1.1:::::::*
	cpe:2.3:a:microsoft:learning_essentials:1.5:::::::*
	cpe:2.3:a:microsoft:office::::::::
	cpe:2.3:a:microsoft:office:2000:sp3::::::
	cpe:2.3:a:microsoft:office:2003:sp2::::::
	cpe:2.3:a:microsoft:office:xp:sp3::::::

Configuration 2 [-]

OR	cpe:2.3:o:microsoft:windows_2000::sp4::fr::::
	cpe:2.3:o:microsoft:windows_2003_server:sp1:::::::*
	cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc:::::

References

Link	Resource
http://secunia.com/advisories/24152
http://www.kb.cert.org/vuls/id/368132	US Government Resource
http://www.osvdb.org/31886
http://www.securityfocus.com/bid/21876
http://www.securitytracker.com/id?1017640
http://www.securitytracker.com/id?1017641
http://www.us-cert.gov/cas/techalerts/TA07-044A.html	US Government Resource
http://www.vupen.com/english/advisories/2007/0582
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-013
https://exchange.xforce.ibmcloud.com/vulnerabilities/30592
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1090

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: microsoft

Published: 2007-02-13T20:00:00

Updated: 2018-10-12T19:57:01

Reserved: 2006-03-20T00:00:00

Link: CVE-2006-1311

JSON object: View

NVD Information

Status : Modified

Published: 2007-02-13T20:28:00.000

Modified: 2018-10-12T21:39:25.213

Link: CVE-2006-1311

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-02-13T00:00:00", "descriptions": [{"lang": "en", "value": "The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "ADV-2007-0582", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0582"}, {"name": "31886", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/31886"}, {"name": "1017640", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017640"}, {"name": "VU#368132", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/368132"}, {"name": "1017641", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017641"}, {"name": "21876", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21876"}, {"name": "TA07-044A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"}, {"name": "MS07-013", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-013"}, {"name": "ms-richedit-code-execution(30592)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30592"}, {"name": "24152", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24152"}, {"name": "oval:org.mitre.oval:def:1090", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1090"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2006-1311", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-0582", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0582"}, {"name": "31886", "refsource": "OSVDB", "url": "http://www.osvdb.org/31886"}, {"name": "1017640", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017640"}, {"name": "VU#368132", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/368132"}, {"name": "1017641", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017641"}, {"name": "21876", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21876"}, {"name": "TA07-044A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"}, {"name": "MS07-013", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-013"}, {"name": "ms-richedit-code-execution(30592)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30592"}, {"name": "24152", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24152"}, {"name": "oval:org.mitre.oval:def:1090", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1090"}]}}}}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2006-1311", "datePublished": "2007-02-13T20:00:00", "dateReserved": "2006-03-20T00:00:00", "dateUpdated": "2018-10-12T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:learning_essentials:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "556AEEE8-2801-4B4A-AEC1-22BF8FFC7489", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:learning_essentials:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "1DE325B7-0EDA-4807-9EA1-BCB4EAD5850D", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:learning_essentials:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "43C727FE-979A-4B67-B995-F5298C570A83", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*", "matchCriteriaId": "49AD45BF-8A91-4C87-AF15-D38D8468A4C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*", "matchCriteriaId": "4891122F-AD7F-45E6-98C6-833227916F6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*", "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*", "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*", "matchCriteriaId": "330B6798-5380-44AD-9B52-DF5955FA832C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*", "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption."}, {"lang": "es", "value": "El componente RichEdit en Microsoft Windows 2000 SP4, XP SP2, y 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, y Office 2004 para Mac; y Learning Essentials para Microsoft Office 1.0, 1.1, y 1.5 permite a atacantes remotos con la complicidad del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante un objeto OLE mal formado en un fichero RTF, lo cual provoca una corrupci\u00f3n de memoria."}], "id": "CVE-2006-1311", "lastModified": "2018-10-12T21:39:25.213", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-02-13T20:28:00.000", "references": [{"source": "secure@microsoft.com", "url": "http://secunia.com/advisories/24152"}, {"source": "secure@microsoft.com", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/368132"}, {"source": "secure@microsoft.com", "url": "http://www.osvdb.org/31886"}, {"source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/21876"}, {"source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1017640"}, {"source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1017641"}, {"source": "secure@microsoft.com", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"}, {"source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2007/0582"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-013"}, {"source": "secure@microsoft.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30592"}, {"source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1090"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}