CVE-2006-0009

CVE Database · CVE-2006-0009

CVE-2006-0009

· N/AModified

CVSS v3.1

N/A

EPSS

14.21%

Published

Mar 14, 2006

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint.

Affected Products (13)

microsoft · officevulnerable

microsoft · worksvulnerable

References (20)

http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0597.html

http://blogs.securiteam.com/?author=28

http://blogs.securiteam.com/?p=557

http://blogs.securiteam.com/?p=559

http://isc.sans.org/diary.php?storyid=1618

http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049540.html

http://secunia.com/advisories/19138

PatchVendor Advisory

http://secunia.com/advisories/19238

http://securitytracker.com/id?1015766

Patch

http://securitytracker.com/id?1016720

KEV Catalog EPSS Scores Vendors All CVEs