Microsoft IE HTML Help Drag and Drop Arbitrary Code Injection

2004-10-19T09:23:41
ID OSVDB:10991
Type osvdb
Reporter http-equiv(http-equiv@excite.com )
Modified 2004-10-19T09:23:41

Description

Vulnerability Description

Windows contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to inadequate Local Machine Lockdown policies, in which an attacker can take advantage of HTML Help (hh.exe) to execute arbitrary code.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

Windows contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to inadequate Local Machine Lockdown policies, in which an attacker can take advantage of HTML Help (hh.exe) to execute arbitrary code.

References:

Vendor Specific Solution URL: http://support.microsoft.com/default.aspx?scid=kb;en-us;q154036 Security Tracker: 1011851 Secunia Advisory ID:11165 Secunia Advisory ID:12889 Related OSVDB ID: 10992 Packet Storm: http://packetstormsecurity.nl/0410-exploits/chmremote.txt Microsoft Security Bulletin: MS05-008 Microsoft Security Bulletin: MS05-014 Microsoft Knowledge Base Article: 867282 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0728.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0754.html ISS X-Force ID: 17824 CVE-2004-0985 CERT VU: 939688 Bugtraq ID: 11467