CVE-2006-0564

CVE-2006-0564 describes a stack-based buffer overflow in Microsoft HTML Help Workshop 4.74 (and possibly earlier) and in HTML Help 1.4 SDK. Public details in connected sources show that an attacker can exploit this via a crafted .hhp file with a long Contents/Index field to achieve arbitrary code...