CVE-2004-0201

Related Files

HtmlHelpchm.txt

Posted Jul 14, 2004

Authored by Brett Moore SA | Site security-assessment.com

The HtmlHelp application (hh.exe) in Microsoft windows read a value from a .CHM file to set a length parameter. By setting this to a large value, it is possible to overwrite sections of the heap with attacker supplied values. Affected software includes: Microsoft Windows 98, 98SE, ME, Microsoft Windows NT 4.0, Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP, Microsoft Windows XP Service Pack 1, Microsoft Windows Server 2003.

tags | advisory

systems | windows

advisories | CVE-2004-0201

SHA-256 | ac7c55f929b9e971cc8376ae4bda17d5f164652d10bf394f6db55a9ddb4eacb6

Download | Favorite | View

Technical Cyber Security Alert 2004-196A

Posted Jul 14, 2004

Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA04-196A - Multitudes of vulnerabilities have been discovered amongst the Microsoft product line. Flaws that exist include Outlook Express failing to properly validate malformed e-mail headers, the Utility Manager allowing code execution, POSIX allowing code execution, IIS having a buffer overflow, the Task Scheduler having a buffer overflow, the HTML Help component failing to properly validate input data, and the Windows Shell allowing remote code execution.

tags | advisory, remote, overflow, shell, vulnerability, code execution

systems | windows, osx

advisories | CVE-2003-1041, CVE-2004-0201, CVE-2004-0205, CVE-2004-0210, CVE-2004-0212, CVE-2004-0213, CVE-2004-0215, CVE-2004-0420

SHA-256 | 1821f11a0fd592a922c98d1ad695e3b418762020d34a0f3cea361eefef4c0a68

Download | Favorite | View