Mass WordPress Compromise Fuels CRIDEX Worm Outbreak

There are a number of compromised sites on the popular blogging platform, WordPress, which, according to a Trend Labs report, are actively infecting users with the CRIDEX worm. The infections are part of a social engineering campaign that lures users with emails purporting to come from trusted...

VulnCheck KEV: CVE-2010-1885

The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist fromHCP option and execute arbitrary commands...

Stuxnet Media Storm Now Feeding SEO Attacks?

How do you know when a computer virus has officially jumped the fence to become a media sensation? Probably when scammers start using popular interest in it as bait for their own malware. So it is with the Stuxnet worm, which was identified in July, but has become the focus of intense media...

Microsoft Help Center - Cross-Site Scripting / Command Execution (MS10-042) (Metasploit)

$Id: ms10042helpctrxsscmdexec.rb 10388 2010-09-20 04:37:25Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Microsoft Help Center XSS and Command Execution

Help and Support Center is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing help documents directly via URLs by installing a protocol handler for the scheme "hcp". Due to an error in validation of input to hcp:// combined with a...

Huge Increase Seen in Attacks on Windows Help Center Flaw

Attackers are ramping up their attempts to exploit the recently disclosed vulnerability in the Windows Help and Support Center in Windows XP. There have been targeted attacks against the flaw for two weeks now, but experts have noticed a major increase in the volume and spread of them in recent...

MS KB2219475: Windows Help Center hcp:// Protocol Handler Arbitrary Code Execution

If a remote attacker can trick a user on the affected host into accessing a malicious web page containing specially crafted 'hcp://' URLs, an as-yet unpatched vulnerability in Windows Help and Support Center that arises due to its failure to validate URLs that use the HCP protocol could be...

Mike Mimoso on Targeted Attacks and the Google-Microsoft Controversy

Dennis Fisher talks with Mike Mimoso of SearchSecurity.com and Information Security magazine about the current spate of highly targeted attacks, the silliness of the term cyberwar and the controversy surrounding the disclosure of the Windows Help Center flaw. Podcast audio courtesy of sykboy65...

Attackers Exploiting Windows Help Center Flaw

Researchers have found evidence that attackers are exploiting the vulnerability in the Windows Help and Support Center that was at the center of so much controversy last week. The flaw, which is in the protocol handler related to the Microsoft Windows Help and Support Center, was disclosed late...

CVE-2010-1885

The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist fromHCP option and execute arbitrary commands v...

Input validation

The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist fromHCP option and execute arbitrary commands v...

Microsoft Help Center XSS and Command Execution

$Id: ms10xxxhelpctrxsscmdexec.rb 9518 2010-06-15 05:44:29Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2010-1885

The CVE-2010-1885 entry concerns the Windows Help and Support Center (HelpCtr) in Windows XP and Windows Server 2003. The vulnerability stems from the MPC::HexToNum function in helpctr.exe failing to properly handle malformed escape sequences, allowing a crafted hcp:// URL to bypass the trusted d...

Microsoft Windows帮助和支持中心绕过白名单限制漏洞

BUGTRAQ ID: 40725,40721 CVE ID: CVE-2010-1885 Windows是微软发布的非常流行的操作系统。 Windows中默认提供了帮助和支持中心以访问在线文档，可通过hcp://形式的URL直接访问帮助文档。在通过注册的协议处理器调用hcp:// URL时，会向帮助中心应用传送命令行参数/fromhcp，这个标记将帮助中心切换到受限制的模式，仅允许白名单中的帮助文档和参数。但这个白名单实现并不安全，可能被绕过。 在进行验证之前首先要使用MPC::HTML::UrlUnescapeW函数规范化和转义URL，该函数使用MPC::HexToNum将...

CVE-2010-1652

Directory traversal vulnerability in the HelpCenter module in Help Center Live HCL 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. dot dot in the file parameter to module.php. NOTE: some of these details are obtained from third...

CVE-2010-1652

The CVE-2010-1652 issue affects Help Center Live (HCL) in the HelpCenter module for versions 2.0.6 and 2.1.7. It is a directory traversal (local file inclusion) vulnerability exploited via a dot-dot sequence in the file parameter to module.php, allowing remote attackers to read arbitrary files an...

CVE-2010-1652

Directory traversal vulnerability in the HelpCenter module in Help Center Live HCL 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. dot dot in the file parameter to module.php. NOTE: some of these details are obtained from third...

Help Center Live 2.0.6 Local File Inclusion

Exploit Title: Help Center Live 2.0.6module=helpcenter&file= Local File Inclusion Date: 27-4-2010 Author: 41.w4r10r Software Link : Version: Web Application Tested on: Apcahe/Unix CVE : if exists Dork : inurl:"module=helpcenter" Code :...

Help Center Live class/auth.php check_logout Function Admin Authentication Bypass

The remote host is running Help Center Live, an open source, web-based help desk application written in PHP. The version of Help Center Live installed on the remote host has several administrative scripts that fail to exit if called without valid credentials. An unauthenticated attacker may be ab...

CVE-2007-4240

Help Center Live (hcl) 2.1.3a contains an authentication bypass in the check_logout function of class/auth.php. When administrative credentials are missing, the function redirects but does not exit, enabling an unauthenticated attacker to trigger actions via requests to admin/departments.php, adm...