Vulnerabilities > CVE-2006-3438 - Unspecified vulnerability in Microsoft Hyperlink Object Library
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
nessus
Summary
Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink.dll), possibly a buffer overflow, allows user-assisted attackers to execute arbitrary code via crafted hyperlinks that are not properly handled when hlink.dll "uses a file containing a malformed function," aka "Hyperlink Object Function Vulnerability."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS06-050.NASL |
| description | The remote host is running a version of Windows that contains a flaw in the Hyperlink Object Library. An attacker could exploit this flaw to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to construct a malicious hyperlink and lure a victim into clicking it. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 22192 |
| published | 2006-08-08 |
| reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/22192 |
| title | MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670) |
Oval
| accepted | 2011-05-09T04:00:05.287-04:00 | ||||||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||||||
| contributors |
| ||||||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||||||
| description | Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink.dll), possibly a buffer overflow, allows user-assisted attackers to execute arbitrary code via crafted hyperlinks that are not properly handled when hlink.dll "uses a file containing a malformed function," aka "Hyperlink Object Function Vulnerability." | ||||||||||||||||||||||||
| family | windows | ||||||||||||||||||||||||
| id | oval:org.mitre.oval:def:115 | ||||||||||||||||||||||||
| status | accepted | ||||||||||||||||||||||||
| submitted | 2006-08-11T12:53:40 | ||||||||||||||||||||||||
| title | Hyperlink Object Function Vulnerability | ||||||||||||||||||||||||
| version | 71 |
References
- http://securitytracker.com/id?1016659
- http://securitytracker.com/id?1016659
- http://www.kb.cert.org/vuls/id/683612
- http://www.kb.cert.org/vuls/id/683612
- http://www.securityfocus.com/bid/19405
- http://www.securityfocus.com/bid/19405
- http://www.us-cert.gov/cas/techalerts/TA06-220A.html
- http://www.us-cert.gov/cas/techalerts/TA06-220A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-050
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-050
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A115
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A115