Microsoft Windows Help File Unspecified Heap Overflow Vulnerability

Calendar

Quicksearch

Blog Administration

Microsoft Windows Help File Unspecified Heap Overflow Vulnerability

Saturday, April 14. 2007

Microsoft Windows Help File Unspecified Heap Overflow Vulnerability

"This vulnerability presents itself when the application handles a specially crafted Windows Help ('.hlp') file.

A successful attack may facilitate arbitrary code execution in the context of a vulnerable user who opens a malicious file. Failed exploit attempts will likely result in denial-of-service conditions."

/*
It looks like there's a proof-of-concept in the wild for this one, too. This is a specially crafted .hlp file. I advise against trying to open it until you know what it does.
*/

Posted by TJE in Advisories, Buffer Overflow, Exploits, Operating Systems, Vulnerabilities, Windows at 12:47 | Comments (0) | Trackbacks (0)

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as (Linear | Threaded)

No comments

Add Comment

Name
Email
Homepage
In reply to
Comment	E-Mail addresses will not be displayed and will only be used for E-Mail notifications To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly. Enter the string from the spam-prevention image above:
	Remember Information? Subscribe to this entry

Microsoft Windows Help File Unspecified Heap Overflow Vulnerability

forkb0mb.org

Calendar

Quicksearch

Categories

Archives

Blog Administration

Microsoft Windows Help File Unspecified Heap Overflow Vulnerability

Saturday, April 14. 2007