Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-3086
HistoryJun 19, 2006 - 7:02 p.m.

CVE-2006-3086

2006-06-1919:02:00
CWE-119
[email protected]
web.nvd.nist.gov
27
cve-2006-3086
hrshellopenwithmonikerdisplayname
microsoft
hyperlink object library
buffer overflow
remote attack
denial of service
excel
vulnerability

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.415 Medium

EPSS

Percentile

97.3%

JSON

Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka “Hyperlink COM Object Buffer Overflow Vulnerability.” NOTE: this is a different issue than CVE-2006-3059.

References

Related

cve 2
securityvulns 4
saint 4
seebug 1
cert 2
nessus 3
checkpoint_advisories 3
cve
cve
CVE-2006-3059
2006-06-17 13:18:00
CVE-2006-3431
2006-07-07 18:05:00
securityvulns
securityvulns
[Full-disclosure] TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
2006-08-09 00:00:00
TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
2006-08-10 00:00:00
Microsoft Security Bulletin MS06-050 Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
2006-08-09 00:00:00
saint
saint
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
seebug
seebug
Microsoft Windows Hyperlink Object Library Remote Code Execution(MS06-050)
2006-10-24 00:00:00
cert
cert
Microsoft Hyperlink Object Library stack buffer overflow
2006-06-21 00:00:00
Microsoft Excel vulnerability
2006-06-16 00:00:00
nessus
nessus
MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
2006-08-08 00:00:00
MS06-037: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285)
2006-07-11 00:00:00
MS06-037 / MS06-038: Vulnerabilities in Microsoft Excel and Office Could Allow Remote Code Execution (917284 / 917285) (Mac OS X)
2006-07-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Excel Crafted URL Unicode Buffer Overflow (MS06-050; CVE-2006-3086; CVE-2011-0104)
2011-02-24 00:00:00
X97EmbedAn Excel Document Code Execution - Ver2 (CVE-2006-3059)
2015-03-26 00:00:00
Update Protection against Microsoft Excel Vulnerabilities (MS06-037)
2006-07-11 00:00:00

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.415 Medium

EPSS

Percentile

97.3%

JSON
Related for CVE-2006-3086
cve2securityvulns4saint4seebug1cert2nessus3checkpoint_advisories3