CVE-2006-0564
Microsoft Html Help - Buffer Overflow
Title source: ruleDescription
Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field.
Exploits (10)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/16648
exploitdb
WORKING POC
VERIFIED
by darkeagle · textdoswindows
https://www.exploit-db.com/exploits/1488
exploitdb
WORKING POC
VERIFIED
by darkeagle · c++localwindows
https://www.exploit-db.com/exploits/1495
metasploit
WORKING POC
GOOD
by bratax, jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/hhw_hhp_compiledfile_bof.rb
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/16683
metasploit
WORKING POC
GOOD
by bratax, jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/hhw_hhp_contentfile_bof.rb
References (7)
Scores
EPSS
0.8271
EPSS Percentile
99.2%
Classification
Status
draft
Affected Products (2)
microsoft/html_help
microsoft/html_help_workshop
Timeline
Published
Feb 06, 2006
Tracked Since
Feb 18, 2026