2 matches found
CVE-2005-1208
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help .CHM file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in...
CVE-2005-1208
CVE-2005-1208 describes a remote code execution vulnerability in Microsoft HTML Help (CHM/InfoTech Storage protocols like ms-its, ms-itss, its, mk:@MSITStore). The root cause is an integer overflow/heap-based buffer overflow when processing crafted CHM content with a large size field, exploitable...