Pay Attention to MS10-042 Update

Microsoft has released four new security bulletins in the July 2010 edition of patch Tuesday. These bulletins address five vulnerabilities. It is not uncommon, and has become expected, for a light patch Tuesday to follow a heavy patch Tuesday release from Microsoft. Last month, Microsoft released...

Buffer Overflow in IE/Outlook HTML Help

NGSSoftware Insight Security Research Advisory Name: Windows Help System Buffer Overflow Systems: Windows XP,2000,NT,ME and 98 Severity: High Risk Category: Buffer Overflow Vulnerability Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Advisory URL:...

CVE-1999-0975

The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed...

CVE-1999-0975

The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed...

Microsoft Windows 9598NT 4.0 - Help File Backdoor

Microsoft Windows 9598NT 4.0 - Help File Backdoor source: https://www.securityfocus.com/bid/868/info The help files for the Windows Help system .cnt, .hlp can be edited so that they run an arbitrary executable when selected by a user. The executable will run at the privelege level of the user. Th...