libmspack Buffer Overflow Vulnerability

Libmspack is a library that can compress and decompress files in CAB, CHM and HLP formats. A security vulnerability exists in the 'chmdreadheaders' function in the mspack/chmd.c file in versions of Libmspack prior to 0.8alpha. No details of the vulnerability are provided at this time...

MS Windows XP/2000/NT 4 Help Facility ActiveX Control Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/5874/info The ActiveX control that provides much of the functionality for the Windows Help Center contains an unchecked buffer. Successful exploitation could result in execution of arbitrary code in the security context o...

iCAM Workstation Control 4.8.0.0 - Authentication Bypass

iCAM Workstation Control 4.8.0.0 - Authentication Bypass Exploit Title: iCAM Workstation Control Software Local Authentication Bypass Google Dork: Vendor: Insight Media Internet Limited is based in the North West of England, and has 10 years experience in developing both internet and software...

iCAM Workstation Control 4.8.0.0 - Authentication Bypass Vulnerability

Exploit for windows platform in category local exploits 1. From the login screen most keys are blocked accept alphanumeric keys. However if you press the Alt & Tab hotkey then you can access the desktop of the user currently running the iCAM client. 2. Although a blank desktop, you can then press...

Mass WordPress Compromise Fuels CRIDEX Worm Outbreak

There are a number of compromised sites on the popular blogging platform, WordPress, which, according to a Trend Labs report, are actively infecting users with the CRIDEX worm. The infections are part of a social engineering campaign that lures users with emails purporting to come from trusted...

Applications that use the Windows Help function may be vulnerable to privilege escalation

Overview Applications or Services that call the Windows Help function in an insecure manner may allow a user unauthorized access to resrouces on the system. Applications or Services that call the Windows Help function in an insecure manner may allow a user unauthorized access to resrouces on the...

JVN#63898867: Applications that use the Windows Help function may be vulnerable to privilege escalation

Applications or Services that call the Windows Help function in an insecure manner may allow a user unauthorized access to resrouces on the system. This issue may occur in applications or services where the Help function is not called in a secure manner. An example of this is when Anti-virus...

Stuxnet Media Storm Now Feeding SEO Attacks?

How do you know when a computer virus has officially jumped the fence to become a media sensation? Probably when scammers start using popular interest in it as bait for their own malware. So it is with the Stuxnet worm, which was identified in July, but has become the focus of intense media...

Microsoft Windows HLP File Handling Heap Buffer Overflow (CVE-2007-1912)

Microsoft Windows includes a standard Help system to assist the user working with applications. The WinHelp system, first introduced with Microsoft Windows 3.1, allows a developer to create a searchable document with a table of contents, images, hyper-links and other features. The developer may...

Pay Attention to MS10-042 Update

Microsoft has released four new security bulletins in the July 2010 edition of patch Tuesday. These bulletins address five vulnerabilities. It is not uncommon, and has become expected, for a light patch Tuesday to follow a heavy patch Tuesday release from Microsoft. Last month, Microsoft released...

MS Patch Tuesday: Googler Zero-Day Fixed in 33 Days

Last month, when Google researcher Tavis Ormandy released details on a critical Help and Support Center vulnerability that exposed Windows XP and Windows Server 2003 users to malicious hacker attacks, Microsoft was publicly unhappy with the decision. Ormandy claims he spent five days negotiating...

MS KB2219475: Windows Help Center hcp:// Protocol Handler Arbitrary Code Execution

If a remote attacker can trick a user on the affected host into accessing a malicious web page containing specially crafted 'hcp://' URLs, an as-yet unpatched vulnerability in Windows Help and Support Center that arises due to its failure to validate URLs that use the HCP protocol could be...

Mike Mimoso on Targeted Attacks and the Google-Microsoft Controversy

Dennis Fisher talks with Mike Mimoso of SearchSecurity.com and Information Security magazine about the current spate of highly targeted attacks, the silliness of the term cyberwar and the controversy surrounding the disclosure of the Windows Help Center flaw. Podcast audio courtesy of sykboy65...

Attackers Exploiting Windows Help Center Flaw

Researchers have found evidence that attackers are exploiting the vulnerability in the Windows Help and Support Center that was at the center of so much controversy last week. The flaw, which is in the protocol handler related to the Microsoft Windows Help and Support Center, was disclosed late...

Input validation

The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist fromHCP option and execute arbitrary commands v...

Windows Help and Support Center -FromHCP URL whitelist bypass

Added: 06/15/2010 CVE: CVE-2010-1885 BID: 40725 OSVDB: 65264 Background The Microsoft Windows Help and Support Center is a resource in Microsoft Windows operating systems for online help, support, tools, how-to articles, and other resources. Problem A vulnerability in Windows Help and Support...

CVE-2010-1885

The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist fromHCP option and execute arbitrary commands v...

Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly

Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application provided to access online documentation for Microsoft Windows. Microsoft supports accessing...

Internet Explorer Windows Help and Support Center Remote Code Execution (CVE-2010-1885)

The Help and Support Center HSC is a feature in Windows that provides help on a variety of topics. HSC enables users to learn about Windows features, download and install software updates, get assistance from Microsoft and so forth. A remote attacker could exploit this issue by convincing a user ...

This Week In Security: The Full Disclosure Rabbit Hole Re-Opens

Had you gone to sleep in 2004 and woken up three days ago, you’d be forgiven for thinking you’d only slept a few hours instead of a few years. This week saw the inglorious return of not just the full disclosure debate, but also of the heated rhetoric that usually accompanies it. Had you awoken to...