CVE-2006-6579

CVE-2006-6579 affects Microsoft Windows XP, where the directory %WINDIR%\pchealth\ERRORREP\QHEADLES has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA granted to Everyone). This misconfiguration allows local users to write and read files in that folder. The description notes an ASP shell wi...

CVE-2004-1043

Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control hhctrl.ocx to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as...

CVE-2004-1043

Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control hhctrl.ocx to open a Help popup window containing the PCHealth tools.htm file in the local zone and injecting Javascript to be executed, as...

CVE-2003-0711

CVE-2003-0711 describes a stack-based buffer overflow in the PCHealth-HSC (Help and Support Center) HCP URL handling on Windows XP and Windows Server 2003. The unchecked buffer in the HCP protocol-handling file allows remote code execution with SYSTEM/Local privileges when a user clicks a crafted...

Microsoft PCHealth 2003/XP Buffer Overflow (#NISR15102003)

NGSSoftware Insight Security Research Advisory Name: Microsoft PCHealth Buffer Overflow Vulnerability Systems Affected: Windows 2003 and XP Severity: Critical Risk Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Date Vendor Notified: 23rd July 2003 Date of...