CVE-2006-5270

CVE Database · CVE-2006-5270

CVE-2006-5270

· N/AModified

CVSS v3.1

N/A

EPSS

30.08%

Published

Feb 13, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, and Forefront Security, allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file.

Affected Products (5)

microsoft · antigenvulnerable

microsoft · forefront_securityvulnerable

microsoft · malware_protection_enginevulnerable

microsoft · windows_defendervulnerable

microsoft · windows_live_onecarevulnerable

References (16)

http://secunia.com/advisories/24146

http://www.kb.cert.org/vuls/id/511577

US Government Resource

http://www.osvdb.org/31888

http://www.securityfocus.com/bid/22479

http://www.securitytracker.com/id?1017636

http://www.us-cert.gov/cas/techalerts/TA07-044A.html

US Government Resource

http://www.vupen.com/english/advisories/2007/0579

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-010

http://secunia.com/advisories/24146

http://www.kb.cert.org/vuls/id/511577

US Government Resource

KEV Catalog EPSS Scores Vendors All CVEs