Microsoft HLINK.DLL Link Memory Corruption Vulnerability

Discussion in 'Computer Security' started by imhotep, Jun 28, 2006.

  1. imhotep

    imhotep Guest

    "Microsoft HLINK.DLL is prone to a memory-corruption vulnerability. This
    issue is due to the library's failure to properly bounds-check
    user-supplied input before copying it to an insufficiently sized memory
    buffer.

    Successfully exploiting this issue allows attackers to execute arbitrary
    machine code in the context of applications that use the affected library.
    This facilitates the remote compromise of affected computers. Failed
    exploit attempts will likely crash targeted applications.

    This issue has been shown to be exploitable through Microsoft Excel files.
    Other applications using the affected library may also be affected."

    http://www.securityfocus.com/bid/18500/discuss

    -- Imhotep

    --
    *************************************
    Pass a Net Neutrality Law in the US!!!!

    Save the Internet:
    http://www.savetheinternet.com/

    Its our net:
    http://www.itsournet.org/

    *************************************
     
    imhotep, Jun 28, 2006
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.