Microsoft Help Workshop .HPJ file HLP field buffer overflow

2007-01-26T00:00:00
ID SAINT:605DB7D16AA1F31F4B4C83EE8F46F8D8
Type saint
Reporter SAINT Corporation
Modified 2007-01-26T00:00:00

Description

Added: 01/26/2007
CVE: CVE-2007-0427
BID: 22135
OSVDB: 31899

Background

Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product.

Problem

A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user opens a **.HPJ** file containing a long **HLP** field in the **OPTIONS** section.

Resolution

Do not open **.HPJ** files from untrusted sources.
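A triage check for the condition described under Problem, written as an added example (it is not SAINT's or Microsoft's code): it scans an **.HPJ** project file and reports any **HLP** value in the **OPTIONS** section that exceeds a length limit. The advisory does not state the size of the overflowed buffer, so the 260-character limit (Windows MAX_PATH) and the function name `find_long_hlp_fields` are assumptions of this example.

```python
import re

# Assumption: the advisory gives no buffer size, so Windows MAX_PATH (260)
# is used as a ceiling for a legitimate output file name.
MAX_HLP_LEN = 260

SECTION_RE = re.compile(rb"^\[\s*([^\]]*?)\s*\]")

def find_long_hlp_fields(data: bytes, limit: int = MAX_HLP_LEN):
    """Return (line_number, value_length) for every HLP value in [OPTIONS]
    longer than `limit`. The file is handled as raw bytes so that non-text
    values are measured instead of being rejected or split by a decoder."""
    findings = []
    section = None
    # bytes.splitlines() breaks only on CR, LF and CRLF.
    for lineno, raw in enumerate(data.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(b";"):      # blank line or comment
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).upper()
            continue
        if section != b"OPTIONS":
            continue
        # Section and key names are matched case-insensitively and with
        # surrounding whitespace ignored (assumed leniency, chosen so the
        # check errs on the side of flagging).
        key, sep, value = line.partition(b"=")
        if sep and key.strip().upper() == b"HLP":
            length = len(value.strip())
            if length > limit:
                findings.append((lineno, length))
    return findings

# Constructed sample inputs (not taken from any real project file).
BENIGN_HPJ = (b"; sample project\r\n[OPTIONS]\r\nTITLE=Demo\r\n"
              b"HLP=demo.hlp\r\n\r\n[FILES]\r\ndemo.rtf\r\n")
SUSPECT_HPJ = (b"[options]\r\nhlp = " + b"A" * 1000 + b".hlp\r\n"
               b"[FILES]\r\nHLP=" + b"B" * 1000 + b"\r\n")

if __name__ == "__main__":
    for name, blob in (("benign", BENIGN_HPJ), ("suspect", SUSPECT_HPJ)):
        print(name, find_long_hlp_fields(blob))
```

A non-empty result marks the file for quarantine or manual review in a text editor rather than opening it in Help Workshop.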

References

<http://www.securityfocus.com/archive/1/457436>

Limitations

Exploit works on Microsoft Help Workshop 4.03 and requires the user to open the exploit file.

Platforms

Windows