CVE-2006-3086

Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka "Hyperlink COM Object Buffer Overflow Vulnerability." NOTE: this is a different issue than CVE-2006-3059.
Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:hyperlink_object_library:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-06-19 19:02

Updated : 2024-02-28 10:42


NVD link : CVE-2006-3086

Mitre link : CVE-2006-3086

CVE.ORG link : CVE-2006-3086


JSON object : View

Products Affected

microsoft

  • hyperlink_object_library
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer