Vendor: Windows XP
By: SecurityFocus
CVSS: 9.3 (HIGH)
CWE: 190 (Integer Overflow)
Product Name: Windows XP
Affected Version From: Microsoft Windows 2000
Affected Version To: Microsoft Windows XP
Patch Exists: YES
Related CWE: CVE-2006-0022
CPE: o:microsoft:windows_xp
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2006

Microsoft Windows Integer Overflow Vulnerability

Microsoft Windows is prone to an integer overflow vulnerability. The issue exists in 'winhlp32.exe' and is exposed when the program processes a malformed phrase-compressed Windows Help file (.hlp). Successful exploitation may allow execution of arbitrary code in the context of the user who opens the malicious Help file. Because the Help file may originate from an external or untrusted source, this vulnerability is considered remote in nature.

Mitigation:

Microsoft has released a patch to address this issue.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12091/info

Microsoft Windows is prone to an integer overflow vulnerability. This issue exists in 'winhlp32.exe' and is exposed when a malformed phrase compressed Windows Help file (.hlp) is processed by the program.

Successful exploitation may allow execution of arbitrary code in the context of the user that opens the malicious Help file. The Help file may originate from an external or untrusted source, so this vulnerability is considered remote in nature. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/25049.gz