Microsoft Help Workshop CNT Help Contents Buffer Overflow (CVE-2007-0352)

The Microsoft Help Workshop is a development tool to create Help HLP files for Windows based applications. Help Workshop uses project HPJ and content CNT files, along with other resource to compile the final help file that can be viewed using the Microsoft Windows Help program. A buffer overflow...

Microsoft Help Workshop .CNT file buffer overflow

Added: 01/31/2007 CVE: CVE-2007-0352 BID: 22100 OSVDB: 31898 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...

Microsoft Help Workshop .CNT file buffer overflow

Added: 01/31/2007 CVE: CVE-2007-0352 BID: 22100 OSVDB: 31898 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...

Microsoft Help Workshop .CNT file buffer overflow

Added: 01/31/2007 CVE: CVE-2007-0352 BID: 22100 OSVDB: 31898 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...

CVE-2007-0352

CVE-2007-0352 describes a stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 during CNT file parsing. The root cause is insufficient boundary checks of strings in CNT content, allowing a crafted CNT line (starting with an integer and a long string) to overflow a buffer and potential...