Intrusion Prevention

MS.Excel.Hyperlink.Buffer.Overflow.SMTP

Description

Because a improper bounds checking of hyperlinks in the hlink.dll library, Microsoft office is vulnerable by a stack-based buffer overflow. It allows remote attackers to cause a DoS and possibly execute arbitrary code via a long hyperlink.

Affected Products

Microsoft Corporation: Microsoft Excel 2000
Microsoft Corporation: Microsoft Excel 2002
Microsoft Corporation: Microsoft Excel 2003
Microsoft Corporation: Microsoft Excel Viewer 2003

Impact

Gain access.

Recommended Actions

Microsoft has released a security bulletin to address this issue. Please see the attached security bulletin for details.

CVE References

CVE-2006-3086