Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1591

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-1591
Last Modified 05 Sep 2008 05:02:19
Published 03 Apr 2006 06:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-1591

Summary

Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2003 Server Enterprise

  • Microsoft Windows 2003 Server R2

  • Microsoft Windows 2003 Server Standard

  • Microsoft Windows 2003 Server Web

  • Microsoft Windows Nt 4.0

  • Microsoft Windows Xp


References

XF - win-winhlp32-hlp-bo(25573)

BID - 17325

BUGTRAQ - 20060413 Windows Help Heap Overflow

MISC - http://www.open-security.org/advisories/15

FULLDISC - 20060331 Windows Help Heap Overflow

SREASON - 700


Last Updated: 27 May 2016 10:42:08