Buffer Overflow Vulnerability in Microsoft Hyperlink Object Library
CVE-2006-3438

Currently unrated

Key Information:

Vendor: Microsoft
Status: Hyperlink Object Library
Vendor: CVE Published:; 9 August 2006

What is CVE-2006-3438?

A vulnerability exists in the Microsoft Hyperlink Object Library (hlink.dll) that could allow user-assisted attackers to exploit a potential buffer overflow. This occurs when crafted hyperlinks that are improperly processed lead to arbitrary code execution. The flaw arises from hlink.dll's handling of malformed functions in files, posing a risk for users who interact with these compromised URLs. Attackers can leverage this vulnerability by tricking users into clicking on malicious links, resulting in unauthorized actions on the user's system.

References

http://securitytracker.com/id?1016659

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/19405

vdb-entryx_refsource_BID

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

53% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 9, 2006
Vulnerability Reserved
Jul 7, 2006