QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-3086

Back to search

CVE-2006-3086

Published: Jun 19, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka "Hyperlink COM Object Buffer Overflow Vulnerability." NOTE: this is a different issue than CVE-2006-3059.

VendorProductVersions

n/a

n/a

affected
n/a

References

VU#394444
third-party-advisory
x_refsource_CERT-VN
ADV-2006-2431
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:999
vdb-entry
signature
x_refsource_OVAL
26666
vdb-entry
x_refsource_OSVDB
excel-hlink-bo(27224)
vdb-entry
x_refsource_XF
20748
third-party-advisory
x_refsource_SECUNIA
MS06-050
vendor-advisory
x_refsource_MS
18500
vdb-entry
x_refsource_BID
1016339
vdb-entry
x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now