CVE-2006-3086
CVE-2006-3086
Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka "Hyperlink COM Object Buffer Overflow Vulnerability." NOTE: this is a different issue than CVE-2006-3059.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/1927unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://blogs.technet.com/msrc/archive/2006/06/20/437826.aspxhttp://marc.info/?l=full-disclosure&m=115067840426070&w=2https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-050http://secunia.com/advisories/20748http://securitytracker.com/id?1016339https://exchange.xforce.ibmcloud.com/vulnerabilities/27224https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A999http://www.kb.cert.org/vuls/id/394444http://www.osvdb.org/26666http://www.securityfocus.com/archive/1/438057/100/0/threadedhttp://www.securityfocus.com/archive/1/438093/100/0/threadedhttp://www.securityfocus.com/archive/1/438096/100/0/threaded