11 matches found
Design/Logic Flaw
Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory, as demonstrated by a directory that contains a .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .chm file. NOTE: some of...
Microsoft Help Workshop HPJ OPTIONS Section Buffer Overflow (CVE-2007-0427)
The Microsoft Help Workshop product is a development tool that allows the design and development of help files frequently packaged with Windows based applications. The program is used to author help content and package it in Microsoft Help files such as HLP. There exists a buffer overflow...
Microsoft Help Workshop .HPJ file HLP field buffer overflow
Added: 01/26/2007 CVE: CVE-2007-0427 BID: 22135 OSVDB: 31899 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .HPJ file HLP field buffer overflow
Added: 01/26/2007 CVE: CVE-2007-0427 BID: 22135 OSVDB: 31899 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .HPJ file HLP field buffer overflow
Added: 01/26/2007 CVE: CVE-2007-0427 BID: 22135 OSVDB: 31899 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .HPJ file HLP field buffer overflow
Added: 01/26/2007 CVE: CVE-2007-0427 BID: 22135 OSVDB: 31899 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .HPJ文件缓冲区溢出漏洞
Microsoft Help Workshop是一款用于构建和管理帮助对象的应用工具。 Microsoft Help Workshop处理畸形.hpj文件存在问题,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于'OPTIONS'段中的'HLP'字段中的文件路径变量HelpFilePathString01缺少正确的边界条件检查,当字符串长度超过256字节,程序可导致缓冲区溢出。攻击者构建一个恶意.hpj文件,当使用Microsoft Help Workshop处理时可导致缓冲区溢出,精心构建提交数据可能以应用程序进程权限执行任意指令。 Microsoft Help...
Microsoft Help Workshop 4.03.0002 (.HPJ) Buffer Overflow Exploit
No description provided by source. // // // PoC exploit for .HPJ project files buffer overflow vulnerability in // Microsoft Help Workshop v4.03.0002 // The tool is standard component of MS Visual Studio v6.0 and 2003 .NET // // vulnerability found / exploit built by porkythepig // //...
Help project files (.HPJ) buffer overflow vulnerability in Microsoft Help Workshop
Advisory: ///////// Microsoft Help Workshop is prone to stack based memory corruption vulnerability during processing .HPJ help project files, caused by the lack of input data boundary check. It could be exploited by malicious entity to execute arbitrary code within the remote user context...
Microsoft Help Workshop buffer overflow
Buffer overflow on .cnt / .hpj files parsing...
Microsoft Help Workshop 4.03.0002 - '.HPJ' Local Buffer Overflow
// // // PoC exploit for .HPJ project files buffer overflow vulnerability in // Microsoft Help Workshop v4.03.0002 // The tool is standard component of MS Visual Studio v6.0 and 2003 .NET // // vulnerability found / exploit built by porkythepig // // include "stdio.h" include "stdlib.h" include...