Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3438

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2006-3438
Last Modified 05 Sep 2008 12:00:00
Published 08 Aug 2006 08:04:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3438

Summary

Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink.dll), possibly a buffer overflow, allows user-assisted attackers to execute arbitrary code via crafted hyperlinks that are not properly handled when hlink.dll "uses a file containing a malformed function," aka "Hyperlink Object Function Vulnerability."

Vulnerable Systems

Application

  • Microsoft Hyperlink Object Library


References

CERT - TA06-220A

CERT-VN - VU#683612

MS - MS06-050

BID - 19405

SECTRACK - 1016659


Last Updated: 27 May 2016 10:43:00