 | |
| |||||||
| Home | Register | Projects | Blogs | FAQ | Calendar | Search | Today's Posts | Mark Forums Read | Free Directory | Free DNSReport | Tags |
| Notices |
| Patched Advisories Links to the class101's patched discoveries with CVE entries |
CVE-2006-3435 - Microsoft Office Powerpoint 2003This is a discussion on "CVE-2006-3435 - Microsoft Office Powerpoint 2003" within the Patched Advisories part of the Computer Security: Discovery sales and class101's research section; CVE : CVE-2006-3435 Date : 10 October 2006 Severity : Critical Vendor : details/patch IPS : zdi Exploit : not published... |
 |
| | LinkBack | Thread Tools | Display Modes |
11-10-06
| ||||
| ||||
 CVE-2006-3435 - Microsoft Office Powerpoint 2003 CVE: CVE-2006-3435 Date: 10 October 2006 Severity: Critical Vendor: details/patch IPS: zdi Exploit: not published  |
| Sponsor | ||
| ||
| |
|
29-04-07
| ||||
| ||||
| Re: CVE-2006-3435 - Microsoft Office Powerpoint 2003 Microsoft Office is a closed source application so you can: Use a fuzzer or any manual changes , by chance you will trigger something, this is sometimes a good method to find many bugs in a limited period of time but, days after days, applications are more secured so you have better to debug step at step the application to check when & where you can exactly exploit. A good demo about step at step debugging can be found on Hoglund website: http://www.hbgary.com/technology.shtml (Demo1) He uses a debugger to check what is send() and recv() without the need of a sniffer, for office files you can do the same checking what is memcpy() for example  But honestly, on the 5 or 6 office bugs I have discovered yet , only one was an overflow type, each others weren't documented flaws but much design mistakes allowing malicious executions, and to find this you have better to perfectly understand how to trace the program in a debugger. Sorry for the late response and good luck in your research =) note: I do not specially advertise here HBGary Inspector, even if it looks like a nice application, you have all required with standard debuggers as OllyDBG wich is free and IDA Pro not free but I recommand you to buy IDA because this is an unbeatable debugger+disassembler =) |
| Sponsor | ||
| ||
| |
|
| | |
| 2003, cve20063435, microsoft, office, powerpoint | |
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| CVE-2006-3650 - Microsoft Office Word 2003 and viewer 2003 | class101 | Patched Advisories | 0 | 11-10-06 00:15 |
| CVE-2006-2388 - Microsoft Office Excel 2003 and viewer 2003 | class101 | Patched Advisories | 0 | 12-07-06 00:31 |
| CVE-2006-1306 - Microsoft Office Excel 2003 and viewer 2003 | class101 | Patched Advisories | 0 | 12-07-06 00:28 |
| Microsoft Office Powerpoint 2003 | class101 | Vulnerability MarketPlace | 5 | 03-05-06 22:58 |
| CVE-2006-0028 - Microsoft Office Excel 2003 and viewer 2003 | class101 | Patched Advisories | 0 | 23-04-06 14:12 |
