Vendor: Windows
By: SecurityFocus
CVSS: 7.5 HIGH
Heap-Based Buffer Overflow
CWE: 119
Product Name: Windows
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2005
Microsoft Windows Heap-Based Buffer Overflow Vulnerability
Microsoft Windows is prone to a heap-based buffer overflow vulnerability. The issue exists in 'winhlp32.exe' and is exposed when the program processes a malformed phrase-compressed Windows Help file (.hlp). Successful exploitation may allow execution of arbitrary code in the context of the user who opens the malicious Help file. Because the Help file may originate from an external or untrusted source, this vulnerability is considered remote in nature.
Mitigation:
Users should avoid opening untrusted or suspicious Help files.