Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2006-3086
HistoryJun 19, 2006 - 7:02 p.m.

CVE-2006-3086

2006-06-1919:02:00
CWE-119
mitre
web.nvd.nist.gov
39
cve-2006-3086
hrshellopenwithmonikerdisplayname
microsoft
hyperlink object library
buffer overflow
remote attack
denial of service
excel
vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.95

Percentile

99.3%

JSON

Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka “Hyperlink COM Object Buffer Overflow Vulnerability.” NOTE: this is a different issue than CVE-2006-3059.

Affected configurations

Nvd
Node
microsofthyperlink_object_library
VendorProductVersionCPE
microsofthyperlink_object_library*cpe:2.3:a:microsoft:hyperlink_object_library:*:*:*:*:*:*:*:*

References

Related

nvd 3
cvelist 3
cve 2
saint 4
cert 2
seebug 1
securityvulns 4
exploitdb 2
nessus 3
checkpoint_advisories 3
nvd
nvd
CVE-2006-3086
2006-06-19 19:02:00
CVE-2006-3059
2006-06-17 13:18:00
CVE-2006-3431
2006-07-07 18:05:00
cvelist
cvelist
CVE-2006-3086
2006-06-19 19:00:00
CVE-2006-3059
2006-06-17 01:00:00
CVE-2006-3431
2006-07-07 18:00:00
cve
cve
CVE-2006-3059
2006-06-17 13:18:00
CVE-2006-3431
2006-07-07 18:05:00
saint
saint
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
Microsoft Excel URL unicode buffer overflow
2006-06-21 00:00:00
cert
cert
Microsoft Hyperlink Object Library stack buffer overflow
2006-06-21 00:00:00
Microsoft Excel vulnerability
2006-06-16 00:00:00
seebug
seebug
Microsoft Windows Hyperlink Object Library Remote Code Execution(MS06-050)
2006-10-24 00:00:00
securityvulns
securityvulns
[Full-disclosure] TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
2006-08-09 00:00:00
TSRT-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
2006-08-10 00:00:00
Microsoft Security Bulletin MS06-050 Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
2006-08-09 00:00:00
exploitdb
exploitdb
Microsoft Excel - Unicode Local Overflow (PoC)
2006-06-18 00:00:00
Microsoft Excel - Code Execution
2006-06-22 00:00:00
nessus
nessus
MS06-050: Vulnerabilities in Microsoft Windows Hyperlink Object Library Could Allow Remote Code Execution (920670)
2006-08-08 00:00:00
MS06-037: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285)
2006-07-11 00:00:00
MS06-037 / MS06-038: Vulnerabilities in Microsoft Excel and Office Could Allow Remote Code Execution (917284 / 917285) (Mac OS X)
2006-07-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Excel Crafted URL Unicode Buffer Overflow (MS06-050; CVE-2006-3086; CVE-2011-0104)
2011-02-24 00:00:00
X97EmbedAn Excel Document Code Execution - Ver2 (CVE-2006-3059)
2015-03-26 00:00:00
Update Protection against Microsoft Excel Vulnerabilities (MS06-037)
2006-07-11 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.95

Percentile

99.3%

JSON
Related for CVE-2006-3086
nvd3cvelist3cve2saint4cert2seebug1securityvulns4exploitdb2nessus3checkpoint_advisories3