CVE-2006-3438

Unspecified vulnerability in Microsoft Hyperlink Object Library hlink.dll, possibly a buffer overflow, allows user-assisted attackers to execute arbitrary code via crafted hyperlinks that are not properly handled when hlink.dll "uses a file containing a malformed function," aka "Hyperlink Object...

CVE-2006-3438

CVE-2006-3438 corresponds to a remote code execution vulnerability in the Microsoft Hyperlink Object Library (hlink.dll) that occurs when the library handles a file containing a malformed function while processing hyperlinks. The vulnerability is triggered by user interaction (e.g., clicking a ma...

Microsoft Hyperlink Object Library Function Remote Buffer Overflow Vulnerability

Description Microsoft's Hyperlink Object Library is prone to a buffer-overflow vulnerability. This issue is due to the library's failure to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Successfully exploiting this issue allows attackers to...

Microsoft Hyperlink Object Library stack buffer overflow

Overview The Microsoft Windows system library for handling hyperlinks contains a buffer overflow. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. Description Microsoft Hyperlink Object Library HLINK.DLL The Hyperlink Object Library provides interfaces for...

CVE-2006-3086

Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library hlink.dll allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long...

CVE-2006-3086

Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library hlink.dll allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long...

CVE-2006-3086

CVE-2006-3086 is a Hyperlink Object Library buffer overflow in hlink.dll (HrShellOpenWithMonikerDisplayName) that allows remote code execution when a user opens a crafted long hyperlink in Office documents (notably Excel). The issue stems from an unchecked WzCopy into a stack buffer, enabling a l...

MS06-022: Vulnerability in ART Image Rendering Could Allow Remote Code Execution (918439)

The remote host is running a version of Windows that contains a flaw in the Hyperlink Object Library. An attacker may exploit this flaw to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to construct a malicious hyperlink and lure a victim into clicking it...

CVE-2005-4636

OpenOffice.org 2.0 and earlier is affected. When hyperlinks are disabled, the Hyperlink dialog’s WWW-browser button can be clicked, potentially bypassing intended security settings and enabling user trickery. This CVE is documented across multiple sources (Red Hat, SUSE, Mandrake/Mandriva, Ubuntu...

CVE-2005-4636

OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings...

USN-181-1: Mozilla products vulnerability

Tom Ferris discovered a buffer overflow in the Mozilla products Mozilla browser, Firefox, Thunderbird. By tricking an user to click on a Hyperlink with a specially crafted destination URL, a remote attacker could crash the application. It might even be possible to exploit this vulnerability to...

CVE-2005-0057

The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow...

Microsoft Windows Hyperlink Object Library buffer overflow

No description provided...

CVE-2005-0057

The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow...

CVE-2005-0057

Microsoft’s MS05-015 fixes a remote code execution flaw in the Hyperlink Object Library (Hlink.dll) affecting Windows 98, 2000, XP, and Server 2003. The vulnerability arises from an unchecked buffer when handling hyperlinks, potentially allowing arbitrary code execution if a user clicks a crafted...

Microsoft Hyperlink Object Library buffer overflow

Overview A buffer overflow exists in the Microsoft Windows system library used when handling hyperlinks. All currently supported versions of Microsoft Windows are affected. Description An unchecked buffer in the Microsoft Object Library is vulnerable to attack when malformed hyperlinks are handle...

MS05-015: Vulnerability in the Hyperlink Object Library may allow code execution (888113)

The remote host is running a version of Windows that contains a flaw in the Hyperlink Object Library that can be abused to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to construct a malicious hyperlink and lure a victim into clicking it. C Tenable Netwo...

Microsoft Outlook Express - JavaScript Execution

From: To: Subject:MSOE Scripting Example Content-Type:text/html click here to test milw0rm.com 2004-07-13...

The Palace 3.x (Client) Stack Overflow Vulnerability

The Palace 3.x Client Stack Overflow Vulnerability Credit: Author : Peter Winter-Smith Software: Packages : The Palace 3.5 Client Version : 3.5 and below Vendor : 'Copyright © 1996-2000 Communities.com' Vendor Url : http://www.thepalace.com/ Vulnerability: Bug Type : Stack-based Buffer Overflow...

firstclass71.txt

Product: FirstClass Desktop Client 7.1 Developer: SoftArc URL: http://www.softarc.com/ Description: Users clicking on a maliciously crafted link will result in local file execution. Details: FirstClass RTF formatted messages can include hyper-links to web URL's. When the messages recipient clicks...