Intrusion Prevention

MS.Excel.Hyperlink.Buffer.Overflow

Description

Indicates a possible attempt by an attacker to exploit a buffer overflow in the Microsoft HLINK.DLL library used by Microsoft Office. The issue is due to a failure to properly validate user-supplied input before copying it to an insufficiently sized memory buffer. The vulnerability could allow remote attackers to execute arbitrary code by means of a long HTML link embedded in a cell object.

Affected Products

Microsoft Windows XP Tablet PC Edition SP1-SP2
Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional SP1-SP2
Microsoft Windows XP Professional
Microsoft Windows XP Media Center Edition SP1-SP2
Microsoft Windows XP Media Center Edition
Microsoft Windows XP Home SP1-SP2
Microsoft Windows XP Home
Microsoft Windows XP Embedded SP1
Microsoft Windows XP Embedded
Microsoft Windows XP 64-bit Edition Version 2003 SP1
Microsoft Windows XP 64-bit Edition Version 2003
Microsoft Windows XP 64-bit Edition SP1
Microsoft Windows XP 64-bit Edition
Microsoft Windows Server 2003 Web Edition SP1
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Standard x64 Edition
Microsoft Windows Server 2003 Standard Edition SP1
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Enterprise x64 Edition
Microsoft Windows Server 2003 Enterprise Edition Itanium SP1
Microsoft Windows Server 2003 Enterprise Edition Itanium
Microsoft Windows Server 2003 Enterprise Edition SP1
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter x64 Edition
Microsoft Windows Server 2003 Datacenter Edition Itanium SP1
Microsoft Windows Server 2003 Datacenter Edition Itanium
Microsoft Windows Server 2003 Datacenter Edition SP1
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows 2000 Server SP1-SP4
Microsoft Windows 2000 Server
Microsoft Windows 2000 Professional SP1-SP4
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Datacenter Server SP1-SP4
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Advanced Server SP1-SP4
Microsoft Windows 2000 Advanced Server

Impact

System compromise: execution of arbitrary code on the system.

Recommended Actions

Microsoft has released a critical update that fixes this vulnerability. Please apply MS06-050 as soon as possible.
Do not accept, open or execute files from untrusted or unknown sources.
Use administrative accounts only for administrative purposes. Normal everyday tasks should be performed using an unprivileged account.
Do not open any files that originate from an untrusted source. Malicious Microsoft Office files may be sent in email, hosted on a web page, or sent through instant messaging or other means.

CVE References

CVE-2006-3086