Vulnerability Note VU#810772
Microsoft Agent fails to properly handle specially crafted .ACF files
Microsoft Agent fails to properly handle specially crafted .ACF files and may allow a remote attacker to execute arbitrary code.
Microsoft Agent is a software technology that enables an enriched form of user interaction that can make using and learning to use a computer easier and more natural.
A vulnerability exists in the way that Microsoft Agent handles specially crafted .ACF files. Exploitation can occur when a remote attacker convinces the user to visit a specially crafted web site.
This vulnerability may allow a remote attacker to execute arbitrary code with the privileges of the local user.
Apply an update
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||14 Nov 2006|
CVSS Metrics (Learn More)
Thanks to Microsoft Security for reporting this vulnerability in Microsoft Security Bulletin MS06-068.
This document was written by Katie Steiner.
- CVE IDs: CVE-2006-3445
- Date Public: 14 Nov 2006
- Date First Published: 14 Nov 2006
- Date Last Updated: 07 Feb 2007
- Severity Metric: 22.57
- Document Revision: 14
If you have feedback, comments, or additional information about this vulnerability, please send us email.