CVE-2006-3351 Information
Description
Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of \file:\ specifiers.
Reference
http://securityreason.com/securityalert/1186
http://www.securityfocus.com/archive/1/439153/100/0/threaded
http://www.securityfocus.com/archive/1/439660/100/200/threaded
http://www.securityfocus.com/bid/18838
https://exchange.xforce.ibmcloud.com/vulnerabilities/27567
win-explorer-url-dos(27567)
Buffer
overflow
in
Windows
Explorer
(explorer.exe)
on
Windows
XP
and
2003
allows
user-assisted
attackers
to
cause
a
denial
of
service
(repeated
crash)
and
possibly
execute
arbitrary
code
via
a
.url
file
with
an
InternetShortcut
tag
containing
a
long
URL
and
a
large
number
of
\file:
specifiers.