Microsoft Help Workshop buffer overflow - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Microsoft Help Workshop buffer overflow
updated since 18.01.2007
Published: 20.01.2007
Source: BUGTRAQ
SecurityVulns ID: 7068
Type: local
Level: 5/10
Description: Buffer overflow on .cnt / .hpj files parsing.

Affected: MICROSOFT : Microsoft Help Workshop 4.03
CVE: CVE-2007-0427 (Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a help project (.HPJ) file with a long HLP field in the OPTIONS section.)
CVE-2007-0352 (Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a crafted .cnt file composed of lines that begin with an integer followed by a space and a long string.)

Original document porkythepig_(at)_anspi.pl, Help project files (.HPJ) buffer overflow vulnerability in Microsoft Help Workshop (20.01.2007)

porkythepig_(at)_anspi.pl, Microsoft Help Workshop .CNT contents files buffer overflow vulnerability (18.01.2007)

Files: PoC exploit for .cnt files buffer overflow vulnerability in Microsoft Help Workshop v4.03.0002
PoC exploit for (.HPJ) project files buffer overflow vulnerability in Microsoft Help Workshop v4.03.0002
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin