This vulnerability is caused by an error in the HTML Help ActiveX control (hhctrl.ocx). When handling the "Image" property within an HTML file, the vulnerability can be exploited by using a long string to cause memory corruption (buffer overflow). Successful exploit could lead to the execution of remote code on a compromised PC.
Additional Resources:
- Mitre. org: CVE-2006-3657
- Secunia advisory: 20906