Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-1311

EPSS 70.64% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-1311

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Office和Windows RichEdit组件内存破坏漏洞(MS07-013)
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Microsoft Windows和Microsoft Office所捆绑的RichEdit组件中存在一个远程执行代码漏洞。中存在一个远程执行代码漏洞。当用户与RTF文件中的畸形嵌入OLE对象进行交互时,就可能导致内存破坏,在用户系统上执行任意代码。 成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。那些帐户被配置为拥有较少系统用户权限的
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-1311

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-1311

登录查看更多情报信息。

Same Patch Batch · n/a · 2007-02-13 · 29 CVEs total

CVE-2006-5270Microsoft恶意软件保护引擎整数溢出漏洞(MS07-010)
CVE-2007-0895Solaris 竞争条件权限管理和访问控制漏洞
CVE-2007-0896Firefox多个跨站脚本攻击漏洞
CVE-2007-0842Microsoft Visual C++标准库时间函数拒绝服务漏洞
CVE-2007-0904LightRO CMS 'projects.php'SQL注入漏洞
CVE-2007-0903EJabberD Mod_Roster_ODBC 未明漏洞
CVE-2007-0902MoinMoin "展示调试信息"特征未明信息泄露漏洞
CVE-2007-0901MoinMoin Info页多个跨站脚本攻击漏洞
CVE-2007-0900TagIt! Tagboard 多个PHP远程文件包含漏洞
CVE-2007-0214Microsoft HTML帮助ActiveX控件远程代码执行漏洞(MS07-008)
CVE-2007-0211Microsoft Windows Shell硬件检测服务权限提升漏洞(MS07-006)
CVE-2007-0210Microsoft Windows图像捕获服务本地权限提升漏洞(MS07-007)
CVE-2007-0026Microsoft Windows OLE Dialog内存破坏漏洞(MS07-011)
CVE-2007-0025Microsoft Windows MFC组件OLE对象缓冲区溢出漏洞
CVE-2007-0219Microsoft Internet Explorer 安全漏洞
CVE-2006-3448Microsoft Windows分步交互式训练缓冲区溢出漏洞
CVE-2007-0209Microsoft Word畸形绘图对象任意代码执行漏洞(MS07-014)
CVE-2007-0208Microsoft Word宏权限绕过任意代码执行漏洞(MS07-014)
CVE-2007-0217Microsoft Internet Explorer 安全漏洞
CVE-2006-4697Microsoft Internet Explorer 安全漏洞

Showing top 20 of 29 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-1311

No comments yet

Leave a comment