Microsoft : Security Vulnerabilities, CVEs, Published In May 2006 (Overflow)
CVE-2006-2492
Known exploited
Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack.
Max CVSS
7.6
EPSS Score
93.48%
Published
2006-05-20
Updated
2018-10-12
CISA KEV Added
2022-06-08
Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to execute arbitrary code via a crafted CHM / ITS file that triggers the overflow while decompiling.
Max CVSS
4.0
EPSS Score
87.93%
Published
2006-05-10
Updated
2018-10-18
Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability.
Max CVSS
7.5
EPSS Score
92.24%
Published
2006-05-10
Updated
2019-04-30
3 vulnerabilities found