CVE-2006-3438
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2006-3438
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink.dll), possibly a buffer overflow, allows user-assisted attackers to execute arbitrary code via crafted hyperlinks that are not properly handled when hlink.dll "uses a file containing a malformed function," aka "Hyperlink Object Function Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft超级链接对象库函数溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows是微软发布的非常流行的WEB浏览器。 Microsoft Windows的超链接对象库(hlink.dll)中存在远程执行代码漏洞,成功利用此漏洞的攻击者可以完全控制受影响的系统。 要利用此漏洞,需要进行用户交互。 如果超级链接对象库在处理超链接时使用包含畸形的函数的文件,就会出现这个问题。攻击者可以通过构建恶意超链接来利用此漏洞。如果用户单击网站、Office文件或电子邮件中的恶意链接,可能会导致允许远程执行代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2006-3438
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2006-3438
请登录查看更多情报信息。
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-050vendor-advisoryx_refsource_MS
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A115vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2006-3438
Same Patch Batch · n/a · 2006-08-09 · 42 CVEs total
| CVE-2006-3449 | Microsoft PowerPoint畸形记录处理代码执行漏洞(MS06-048) | |
| CVE-2006-4029 | AGEphone SIP报文处理缓冲区溢出漏洞 | |
| CVE-2006-3083 | MIT Kerberos 5多个本地权限提升漏洞 | |
| CVE-2006-3084 | MIT Kerberos 多个本地权限提升漏洞 | |
| CVE-2006-3979 | ColdFusion AdminAPI认证绕过漏洞 | |
| CVE-2006-3439 | Microsoft Windows Server服务远程缓冲区溢出漏洞(MS06-040) | |
| CVE-2006-3440 | Microsoft Winsock Gethostbyname远程缓冲区溢出漏洞(MS06-041) | |
| CVE-2006-3441 | Microsoft Windows DNS客户端缓冲区溢出漏洞(MS06-041) | |
| CVE-2006-3443 | Microsoft Windows用户配置文件权限提升漏洞(MS06-051) | |
| CVE-2006-3648 | Microsoft Windows未处理异常远程代码执行漏洞 | |
| CVE-2006-3444 | Microsoft Windows 2000内核本地权限提升漏洞(MS06-049) | |
| CVE-2006-4028 | WordPress多个不明安全漏洞 | |
| CVE-2006-3639 | Microsoft IE源元素跨域访问漏洞(MS06-042) | |
| CVE-2006-3640 | Microsoft IE窗口位置跨域信息泄露漏洞(MS06-042) | |
| CVE-2006-3643 | Microsoft管理控制台重新定向跨站脚本漏洞(MS06-044) | |
| CVE-2006-3649 | Microsoft Visual Basic for Applications文档检查溢出漏洞(MS06-047) | |
| CVE-2006-4022 | Intel 2100 PRO/无线网络连接驱动程序内存破坏漏洞 | |
| CVE-2006-4023 | PHP ip2long函数SQL注入漏洞 | |
| CVE-2006-4024 | Festalon pce/hes.c程序 HES文件堆缓冲区溢出漏洞 | |
| CVE-2006-4025 | XennoBB 'Profile.PHP'SQL注入漏洞 |
Showing top 20 of 42 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2006-3438
No comments yet