myITforum.com
Welcome to myITforum.com Sign in | Join | Help
in Search
Site Home Home Bloggers List Blogs Photos Downloads

Harry Waldron - My IT Forums Blog

Sharing Security Developments, and Best Practices for corporate and home users

Microsoft HTML Workshop product - New unpatched vulnerability & POC exploit

This development tool is part of an SDK that can help Client/Server or web developers in authoring help screens for applications.  This unpatched exploit is rated moderately critical and an exploit has been published.

Microsoft HTML Help Workshop "hhp" File Handling Buffer Overflow Issue
http://secunia.com/advisories/18740/
http://www.frsirt.com/english/advisories/2006/0446

Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-02-06

Exploits: POC exploit published at FrSIRT's site

Affected Products: Microsoft HTML Help Workshop version 4.74.8702.0 and prior

Solution:  Do not open untrusted ".hhp" files, as an there are no officially supplied patch for this issue yet.

Technical Description: A vulnerability has been identified in Microsoft HTML Help Workshop, which could be exploited by attackers to execute arbitrary commands. This flaw is due to a buffer overflow error when processing a specially crafted ".hhp" file containing an overly long "Contents file" field, which could be exploited by remote attakers to compromise a vulnerable system by convincing a user to open a malicious ".hhp" file.

Published Feb 07 2006, 06:15 AM by hwaldron

Comments

No Comments

This Blog

Syndication
Copyright - www.myITforum.com, Inc. - 2007 All Rights reserved.
Powered by Community Server (Commercial Edition), by Telligent Systems