Windows 2000 Unchecked Buffer Help Security Vulnerability Patch for Windows Free Download in Encryption & Decryption Software Tag

     
Tags
3D Modeling Software  Digital Photo Software  Disk & File Software  Internet Software  Communication Software  Developer Tools  System Utilities  CAD Software  Security Software  Graphic Design Software  Audio Software  Games  Educational & Science Software  Business & Office Software  Video Players  Wireless Networking Software  Drivers  Privacy Software & Access control  Networking Software  Video Software  Database Management Software 
Search by Category
Audio Software
Browsers
Business & Office Software
CD & DVD Software
Communication Software
Desktop Enhancements
Developer Tools
Digital Photo Software
Disk & File Software
Drivers
Educational & Science Software
Entertainment & Hobby Software
Games
Graphic Design Software
Home & Family Software
Internet Software
iTunes & iPod Software
Networking Software
Productivity Software
Screensavers
Security Software
Anti-Spyware
Antivirus Software
Corporate Security Software
Encryption & Decryption Software
Firewall Software
Internet Security Software Suites
Keyloggers
Password Managers
Privacy Software & Access control
Security Monitoring Software
System Utilities
Travel & Navigation Software
Video Software
Web Development Software
     




 
 
Windows 2000 Unchecked Buffer Help Security Vulnerability Patch

Windows 2000 Unchecked Buffer Help Security Vulnerability Patch
Version: MS02-055
Platforms: Windows

Categories: Security Software
Upload Date: 2 Nov 15
Developer: Microsoft
Distribution Type: Freeware
Downloads: 0
File Size: 876 Kb
Free Download Windows 2000 Unchecked Buffer Help Security Vulnerability Patch 

Rating: 1.0/5 (Total votes: 1)


 
The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a Web page hosted on an attacker?s site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.

A second vulnerability exists because of flaws associated with the handling of compiled HTML Help files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a Web page or HTML mail delivers a CHM file to the Temporary Internet Files folder and subsequently opens it. Instead of handling the CHM file in the correct zone--the one associated with the Web page or HTML mail that delivered it--the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. This error is compounded by the fact that the HTML Help facility doesn?t consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Folder is clearly not trusted, regardless of the Security Zone it renders in.

The attack scenario for this vulnerability would be complex, and involves using an HTML mail to deliver a CHM file that contains a shortcut, then making use of the flaws to open it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.

Requirements:

Windows 2000

 
Like it? Share with your friends!   
 

Other Windows Software of Developer «Microsoft»:

Microsoft Word 97 Update: Mail Merge SecurityMicrosoft Word 97 Update: Mail Merge Security
The Word 97 Mail Merge Security Update protects you from a vulnerability in the mail merge function in Word by increasing the security in the connection between Word mail merge documents and Access databases.Requirements:Windows NT 4 SP 6Windows 2003 SP 1W
Microsoft Access Database Engine 2010 Redistributable (32-bit)Microsoft Access Database Engine 2010 Redistributable (32-bit)
Microsoft Access Database Engine 2010 Redistributable (32-bit) enables the transfer of data between existing Microsoft Office files such as Microsoft Office Access 2010 (*.mdb and *.accdb) files and Microsoft Office Excel 2010 (*.xls, *.xlsx, and *.xlsb) f
Data Synchronization Update for Windows CE Platform Builder 3.0Data Synchronization Update for Windows CE Platform Builder 3.0
ActiveSync in Windows CE Platform Builder 3.0 does not include support for partnerships or data synchronization with your Windows CE device. The new components included in this update enable partnerships, file synchronization, system restore and generic da
Windows XP Video Decoder Checkup UtilityWindows XP Video Decoder Checkup Utility
Windows XP Video Decoder Checkup Utility helps you determine if an MPEG-2 video decoder (also called a DVD decoder) is installed on your Windows XP computer and whether or not the decoder is compatible with Windows Media Player 10 and Windows XP Media Cent
Security Update for Office 2003 Multilingual User Interface Pack (KB892843)Security Update for Office 2003 Multilingual User Interface Pack (KB892843)
A security vulnerability exists in Microsoft Office Outlook 2003 that could allow arbitrary code to run when opening a maliciously modified e-mail. Security Update for Office 2003 Multilingual User Interface Pack (KB892843) resolves that vulnerability when
Security Update for Outlook 2002 (KB905649)Security Update for Outlook 2002 (KB905649)
A security vulnerability exists in Microsoft Outlook 2002 that could allow arbitrary code to run when opening a malicious document. This update addresses that vulnerability. This version is the first release on CNET Download.com.What is new in this release
sysinternals PendMovessysinternals PendMoves
There are several applications, such as service packs and hotfixes, that must replace a file that's in use and is unable to. Windows therefore provides the MoveFileEx API to rename or delete a file and allows the caller to specify that they want the operat
sysinternals PsListsysinternals PsList
Instead of showing process information for the local system, PsList will show information for the NT/Win2K system specified. Include the -u switch with a username and password to login to the remote system if your security credentials do not permit you to
Microsoft Internet Security and Acceleration Server 2000 Patch Web ProxyMicrosoft Internet Security and Acceleration Server 2000 Patch Web Proxy
When an incoming Web request is made to a computer that is running Internet Security and Acceleration (ISA) Server and is publishing a Web page by using Web Publishing, the Web Proxy service may stop and an access violation may occur. This problem can occ
Microsoft Visual Studio Code Name Orcas Language-Integrated Query, May 2006 Community Technology PreviewMicrosoft Visual Studio Code Name Orcas Language-Integrated Query, May 2006 Community Technology Preview
LINQ is a codename for a set of extensions to the .NET Framework that encompass language-integrated data query, set, and transform operations. It includes extensions to the C# and Visual Basic languages with native language syntax for queries and provides

» show all

 
Similar Applications:

Private Post DesktopPrivate Post Desktop
Very easy to use email encryption software that allows you to encrypt to anyone knowing only their email address. Email can be read using plug-ins for Outlook and Outlook Express, a free reader for Windows or a Web Browser for everyone else. This software
SafeSexSafeSex
SafeSex allows you to have some notes that are easily accessible, but relatively secure. It sits on your screen, waiting for a click, and on a click it will activate and give you access to your notes. That is, of course, if you enter the passphrase that yo
DeepSoundDeepSound
DeepSound is a steganography tool. It hides secret data into audio files - wave and flac. The application also enable you to extract secret files directly from audio CD tracks. DeepSound can be used as a copyright marking software for wave, flac and audio
OpenOffice Password RecoveryOpenOffice Password Recovery
OpenOffice Password Recovery is an all-in-one solution to the problem of lost passwords for OpenOffice documents. With its refreshingly simple interface, users can recover passwords and remove all types of document protection, including document ReadOnly p
SecExpertSecExpert
The program's detect technology covers from system AutoStartup setting to password stealing action monitor. Automatically up-to-date patches, discovers missing system patches, and deploys them safely. Predifined security policy fasten your PC into real C2-
Jihosoft iPhone Backup UnlockerJihosoft iPhone Backup Unlocker
iPhone users can protect backup in iTunes with a passcode using the Encrypt Backup option. What if you forgot iPhone backup password? Take it easy. Jihosoft iPhone Backup Unlocker provides easy ways to help all iPhone users to recover lost or forgotten iTu
MyPasswordsMyPasswords
In this day and age, we all understand the need to keep track of numerous passwords and names, especially if you are also an Internet user. There are a number of solutions that you could use. One solution is to write them down, but anyone could find them a
Appnimi MD2 DecrypterAppnimi MD2 Decrypter
Appnimi MD2 Decrypter helps in decrypting any MD2 hash. In appropriate infrastructure it works at a speed of more than 1 million words/second. One of the fastest true MD2 Decrypter available in the market. Above all it is FREE. The MD2 Message-Digest Al
PDF Password Remover FreePDF Password Remover Free
This is a very simple and fast freeware utility that allows you to remove protection from pdf files. This program will be especially useful in cases where you remove pdf password is needed, but the computer no tools to work with a pdf file. This tool allow
Total PrivacyTotal Privacy
Total Privacy is encryption tool that will encrypt files, e-mail messages and instant messages. Instant messages are encrypted and decrypted in real-time so you can communicate as usual only knowing that you are secure because you are using powerful layer
 

Supported Operating Systems:
Windows 2000 | 
 

Comments on Windows 2000 Unchecked Buffer Help Security Vulnerability Patch:

Comments not found

Name:


Comment:


Enter text from image below:

Turn on images!

 
 
 

Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10

© Pantich 2016 all rights reserved