Microsoft Infotech存储库itss.dll堆破坏漏洞

Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Infotech存储系统库（itss.dll）是用于处理CHM/ITS格式文件的函数库。Microsoft将CHM文件归为危险的文件，类似于可执行文件。但攻击者可以通过诱骗用户反编译恶意的CHM文件触发itss.dll中的堆溢出漏洞，导致执行任意代码。 请注意如果用户反编译了恶意的CHM文件，即使没有打开该文件也可以触发这个漏洞。 Microsoft Windows XP SP2 Microsoft Windows XP SP1 Microsoft Windows 2000...

CVE-2006-2297

Heap-based buffer overflow in Microsoft Infotech Storage System Library itss.dll allows user-assisted attackers to execute arbitrary code via a crafted CHM / ITS file that triggers the overflow while decompiling...

Heap overflow

Heap-based buffer overflow in Microsoft Infotech Storage System Library itss.dll allows user-assisted attackers to execute arbitrary code via a crafted CHM / ITS file that triggers the overflow while decompiling...

Microsoft Infotech Storage Library - Heap Corruption

source: https://www.securityfocus.com/bid/17926/info Microsoft Windows is susceptible to a heap-corruption vulnerability while attempting to read specially crafted CHM or ITS files. This occurs in the 'ITSS.DLL' library. This vulnerability allows remote attackers to execute arbitrary machine code...