Уязвимость в Microsoft HTML Help Workshop
[B]Обнаружена уязвимость в Microsoft HTML Help Workshop[/B]
(Microsoft HTML Help Workshop ".hhp" Parsing Buffer Overflow)
Обнаружена опасная уязвимость в Microsoft HTML Help Workshop v.4.74.8702.0(и предыдущих версиях). В результате ошибки обработки файла ".hpp" с длинным значением строковой переменой поля "Contents file" происходит переполнение буфера, которое может быть использовано злоумышленником с целью выполнения произвольного программного кода.
[url=http://users.pandora.be/bratax/exploits/htmlws.cpp]Эксплоит[/url]
Источник: [url]http://www.uinc.ru/news/sn5323.html[/url]
[B]Microsoft HTML Help Workshop ".hhp" Parsing Buffer Overflow[/B]
Secunia Advisory: SA18740 Print Advisory
Release Date: 2006-02-06
Critical: Moderately critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Microsoft HTML Help Workshop 4.x
[B]Description:[/B]
bratax has discovered a vulnerability in Microsoft HTML Help Workshop, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the handling of a ".hhp" file that contains an overly long string in the "Contents file" field. This can be exploited to cause a stack-based buffer overflow and allows arbitrary code execution when a malicious ".hhp" file is opened.
Note: An exploit is publicly available.
The vulnerability has been confirmed in version 4.74.8702.0. Other versions may also be affected.
[B]Solution:[/B]
Do not open untrusted ".hhp" files.
Источник: [url=http://secunia.com/advisories/18740/]secunia.com[/url]
