CVE-2006-3435

EPSS 46.60% · P98 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-3435

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilities including CVE-2006-4694.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft PowerPoint畸形幻灯片注释重构代码执行漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

PowerPoint是微软发布的非常流行的电子文档演示工具。 PowerPoint在解析演示文档中畸形的幻灯片注释字段时存在漏洞，远程攻击者可能利用此漏洞在用户机器上执行任意指令。当PowerPoint试图重构畸形部分时，可能会进行基于攻击者提供数据的指针计算，之后又引用了该指针，这可能导致以打开恶意文件用户的权限执行任意指令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-3435

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-3435

请登录查看更多情报信息。

http://www.zerodayinitiative.com/advisories/ZDI-06-032.htmlx_refsource_MISC
http://www.osvdb.org/29446vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/20304vdb-entryx_refsource_BID
http://securitytracker.com/id?1017030vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058vendor-advisoryx_refsource_MS
http://www.kb.cert.org/vuls/id/187028third-party-advisoryx_refsource_CERT-VN
http://www.securityfocus.com/archive/1/449179/100/0/threadedvendor-advisoryx_refsource_HP
http://www.vupen.com/english/advisories/2006/3977vdb-entryx_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A476vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/archive/1/448149/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-3435

Same Patch Batch · n/a · 2006-10-10 · 32 CVEs total

CVE-2006-3864		Microsoft Office畸形记录远程代码执行漏洞
CVE-2006-5229		OpenSSH-Portable '/etc/shadow'密码远程信息泄露漏洞
CVE-2006-3888		AOL YGP ActiveX控件'YGPPicDownload.dll'缓冲区溢出漏洞
CVE-2006-3887		America Online YGP ActiveX控件多个缓冲区溢出漏洞
CVE-2006-5200		Adobe Breeze URL解析信息泄露漏洞
CVE-2006-5199		Adobe Contribute Publishing Server本地信息泄露漏洞
CVE-2006-4696		Microsoft Windows SMB重命名远程拒绝服务漏洞
CVE-2006-4693		Microsoft Word Mac远程代码执行漏洞
CVE-2006-4692		Microsoft Windows对象包装程序对话框欺骗漏洞
CVE-2006-4686		Microsoft Windows XML核心服务XSLT缓冲区溢出漏洞
CVE-2006-4685		Microsoft XML核心服务信息泄露漏洞
CVE-2006-3978		Adobe ColdFusion MX Verity库未明本地权限提升漏洞
CVE-2006-3877		Microsoft PowerPoint畸形记录远程代码执行漏洞
CVE-2006-3875		Microsoft Excel COLINFO远程指令执行漏洞
CVE-2006-3868		Microsoft Office畸形智能标记远程代码执行漏洞
CVE-2006-3867		Microsoft Excel Lotus 1-2-3文件处理远程代码执行漏洞
CVE-2006-3436		Microsoft ASP.NET AutoPostBack变量跨站脚本漏洞
CVE-2006-3651		Microsoft Word邮件合并远程代码执行漏洞
CVE-2006-3650		Microsoft Office畸形图表记录缓冲区溢出漏洞
CVE-2006-3647		Microsoft Word畸形数据串远程任意指令执行漏洞

Showing top 20 of 32 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-3435

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-3435

I. Basic Information for CVE-2006-3435

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-3435

III. Intelligence Information for CVE-2006-3435

Same Patch Batch · n/a · 2006-10-10 · 32 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-3435

Leave a comment