CVE-2006-1591
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/04/2006
Last modified:
03/04/2025
Description
Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file.
Impact
Base Score 2.0
5.10
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:r2:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:standard:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_2003_server:web:sp1:*:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:* | ||
| cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html
- http://securityreason.com/securityalert/700
- http://www.open-security.org/advisories/15
- http://www.securityfocus.com/archive/1/430871/100/0/threaded
- http://www.securityfocus.com/bid/17325
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25573
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html
- http://securityreason.com/securityalert/700
- http://www.open-security.org/advisories/15
- http://www.securityfocus.com/archive/1/430871/100/0/threaded
- http://www.securityfocus.com/bid/17325
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25573