CVSS: 9.3EPSS: 53%CPEs: 1EXPL: 0CVE-2006-3438
https://notcve.org/view.php?id=CVE-2006-3438
09 Aug 2006 — Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink.dll), possibly a buffer overflow, allows user-assisted attackers to execute arbitrary code via crafted hyperlinks that are not properly handled when hlink.dll "uses a file containing a malformed function," aka "Hyperlink Object Function Vulnerability." Vulnerabilidad no especificada en Microsoft Hyperlink Object Library (hlink.dll), posiblemente un desbordamiento de búfer, permite a atacantes con la intervención del usuario ejecutar códi... • http://securitytracker.com/id?1016659 •
CVSS: 9.8EPSS: 43%CPEs: 1EXPL: 2CVE-2006-3086 – Microsoft Excel - Unicode Local Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-3086
19 Jun 2006 — Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka "Hyperlink COM Object Buffer Overflow Vulnerability." NOTE: this is a different issue than CVE-2006-3059. Un desbordamiento de búfer basado en pila en la función HrShellOpenWithMonikerDisplay... • https://www.exploit-db.com/exploits/1927 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •