CVE-2006-3357
Description
Heap-based buffer overflow in HTML Help ActiveX control (hhctrl.ocx) in Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code by repeatedly setting the Image field of an Internet.HHCtrl.1 object to certain values, possibly related to improper escaping and long strings.
Risk Information
Base Score
8.0
MODERATE
Vector
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
72.358
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Security Update for Windows 2000 (KB922616) | Windows |
| Security Update for Windows XP (KB922616) | Windows |
| Security Update for Windows Server 2003 (KB922616) x86 based systems | Windows |
| Security Update for Windows Server 2003 (KB922616) x86 based systems for SP1 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234