9 matches found
MS07-008: Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843)
The remote host contains a version of the HTML Help ActiveX control that is vulnerable to a security flaw that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web page. Tenable Network Security, Inc...
MS05-026: Vulnerability in HTML Help Could Allow Remote Code Execution (896358)
The remote host contains a version of the HTML Help ActiveX control that is vulnerable to a security flaw that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web page. C Tenable Network Security, Inc...
Microsoft Internet Explorer DHTML Edit and Help ActiveX crossite scripting
DHTML ActiveX and Help allows code injection into context of different server. By combining this vulnerability it's psosible to execute code in local machine zone. This vulnerability can potentially be used for silent spyware/adware installation...
VulnCheck KEV: CVE-2004-1043
Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control hhctrl.ocx to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as...
MS05-001: HTML Help Code Execution (890175)
The remote host contains a version of the HTML Help ActiveX control that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web page. C Tenable Network Security, Inc. include"compat.inc"; if description...
CVE-2004-1043
Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control hhctrl.ocx to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as...
CVE-2002-0823
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control HHCtrl.ocx with a long pathname in the Item parameter...
CVE-2002-0693
Buffer overflow in the HTML Help ActiveX Control hhctrl.ocx in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via 1 a long parameter to the Alink function, or 2 script...
Winhelp32 Remote Buffer Overrun
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NGSSoftware Insight Security Research Advisory Name: Winhlp32.exe Remote BufferOverrun Systems Affected: Win2K Platform Severity: Critical Category: Remote Buffer Overrun Vendor URL: http://www.mircosoft.com Author: Mark Litchfield [email protected]...