CVE-2009-0133

CVE-2009-0133 describes a stack buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier triggered by a crafted .hhp project file with a long Index file field, enabling context-dependent attackers to execute arbitrary code. Connected data confirms related public disclosures and exploitati...

CVE-2006-0564

CVE-2006-0564 describes a stack-based buffer overflow in Microsoft HTML Help Workshop 4.74 (and possibly earlier) and in HTML Help 1.4 SDK. Public details in connected sources show that an attacker can exploit this via a crafted .hhp file with a long Contents/Index field to achieve arbitrary code...

CVE-2007-0352

CVE-2007-0352 describes a stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 during CNT file parsing. The root cause is insufficient boundary checks of strings in CNT content, allowing a crafted CNT line (starting with an integer and a long string) to overflow a buffer and potential...

CVE-2007-0427

The CVE-2007-0427 case concerns Microsoft Help Workshop 4.03.0002, where a stack-based buffer overflow occurs in the HPJ OPTIONS section. A long HLP field in an HPJ file can lead to user-assisted remote code execution, with impact described as arbitrary code run in the context of the current user...