Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka "Hyperlink COM Object Buffer Overflow Vulnerability." NOTE: this is a different issue than CVE-2006-3059.
References
Configurations
History
No history.
Information
Published : 2006-06-19 19:02
Updated : 2024-02-28 10:42
NVD link : CVE-2006-3086
Mitre link : CVE-2006-3086
CVE.ORG link : CVE-2006-3086
JSON object : View
Products Affected
microsoft
- hyperlink_object_library
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer