Windows 2000 Unchecked Buffer Help Security Vulnerability Patch for Windows Free Download in Encryption & Decryption Software Tag

     
Tags
Developer Tools  Educational & Science Software  Communication Software  CAD Software  Privacy Software & Access control  Video Software  Games  Drivers  Wireless Networking Software  Security Software  Business & Office Software  Disk & File Software  System Utilities  Database Management Software  Audio Software  Digital Photo Software  Internet Software  Graphic Design Software  3D Modeling Software  Networking Software  Video Players 
Search by Category
Audio Software
Browsers
Business & Office Software
CD & DVD Software
Communication Software
Desktop Enhancements
Developer Tools
Digital Photo Software
Disk & File Software
Drivers
Educational & Science Software
Entertainment & Hobby Software
Games
Graphic Design Software
Home & Family Software
Internet Software
iTunes & iPod Software
Networking Software
Productivity Software
Screensavers
Security Software
Anti-Spyware
Antivirus Software
Corporate Security Software
Encryption & Decryption Software
Firewall Software
Internet Security Software Suites
Keyloggers
Password Managers
Privacy Software & Access control
Security Monitoring Software
System Utilities
Travel & Navigation Software
Video Software
Web Development Software
     




 
 
Windows 2000 Unchecked Buffer Help Security Vulnerability Patch

Windows 2000 Unchecked Buffer Help Security Vulnerability Patch
Version: MS02-055
Platforms: Windows

Categories: Security Software
Upload Date: 2 Nov 15
Developer: Microsoft
Distribution Type: Freeware
Downloads: 0
File Size: 876 Kb
Free Download Windows 2000 Unchecked Buffer Help Security Vulnerability Patch 

Rating: 1.0/5 (Total votes: 1)


 
The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a Web page hosted on an attacker?s site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.

A second vulnerability exists because of flaws associated with the handling of compiled HTML Help files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a Web page or HTML mail delivers a CHM file to the Temporary Internet Files folder and subsequently opens it. Instead of handling the CHM file in the correct zone--the one associated with the Web page or HTML mail that delivered it--the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. This error is compounded by the fact that the HTML Help facility doesn?t consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Folder is clearly not trusted, regardless of the Security Zone it renders in.

The attack scenario for this vulnerability would be complex, and involves using an HTML mail to deliver a CHM file that contains a shortcut, then making use of the flaws to open it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.

Requirements:

Windows 2000

 
Like it? Share with your friends!   
 

Other Windows Software of Developer «Microsoft»:

Update for Outlook 2003 Junk Email Filter (KB917149)Update for Outlook 2003 Junk Email Filter (KB917149)
This update provides the Junk E-mail Filter in Microsoft Office Outlook 2003 with a more current definition of which e-mail messages should be considered junk e-mail. This update was released in June 2006. This version is the first release on CNET Download
Microsoft SQL Server 2005 Service Pack 3 (32-bit)Microsoft SQL Server 2005 Service Pack 3 (32-bit)
Microsoft SQL Server 2005 Service Pack 3 (32-bit) is cumulative, and this service pack upgrades all service levels of SQL Server 2005 to SP3. You can use these packages to upgrade Enterprise, Enterprise Evaluation, Developer, Standard, and Workgroup eidtio
Windows XP Unchecked Buffer in File Decompression Functions Vulnerability PatchWindows XP Unchecked Buffer in File Decompression Functions Vulnerability Patch
This patch addresses two vulnerabilities. An unchecked buffer exists in the program that handles the decompressing of files from a zipped file. When this program tries to open a file that has a specially malformed file name that is contained in a zipped fi
Windows PhoneWindows Phone
Your computer and your Windows Phone 8 work together seamlessly with the Windows Phone app so you always have your photos, videos, and music, and more where you want them. Quickly share things from your phone with Windows 8 apps (like Photos, or Search). Y
Microsoft Expression Blend 2 August PreviewMicrosoft Expression Blend 2 August Preview
Microsoft Expression Blend 2 is the professional design tool used to create engaging Web-connected experiences for Microsoft Windows. The Expression Blend 2 August Preview allows you to create Microsoft Silverlight based applications. This version is the f
Channel 9 for Windows 8Channel 9 for Windows 8
Channel 9 provides a way to browse and view videos on a variety of developer and consumer topics from the Channel9.msdn.com web site. It features p-in your favorite shows and keep up to date with Live Tiles, watch videos with your choice of Progressive or
Microsoft Platform Ready Test ToolMicrosoft Platform Ready Test Tool
Microsoft Platform Ready Test Tool is designed to help test your applications for compatibility with latest technologies and platforms from Microsoft. MPR Test Tool is a fully automated, wizard style tool that implements technical requirements described in
Microsoft Exchange Server Disable Certificate VerificationMicrosoft Exchange Server Disable Certificate Verification
Disable the Secure Sockets Layer (SSL) certificate check that is performed on a server running Exchange ActiveSync. This version is the first release on CNET Download.com.What is new in this release:This version is the first release on CNET Download.com.Re
Microsoft Download ManagerMicrosoft Download Manager
Microsoft Download Manager enables you to download files simply and easily. It also makes downloading large files such as application and multimedia files quick and reliable. It also makes downloading large files such as application and multimedia files qu
Pocket PC Sample: Move an Access Database into the EmulationPocket PC Sample: Move an Access Database into the Emulation
Sample Code for MSDN Article Move an Access Database into the Emulation. This sample application is to use in copying your Access 2000 database to the emulation environment. This Sample Code accompanys the MSDN Article Move an Access Database into the Emul

» show all

 
Similar Applications:

CS DefenderCS Defender
Encryption uses a mathematical algorithm to scramble readable text that cannot be read unless the reader has the key to "unlock," or convert, the information back to its readable form. CS Defender is advanced and efficient utility to translate your sens
OTP-StegOTP-Steg
OTP-Steg is free software that allows you to embed a message into a PNG image file. OTP-Steg uses one-time pad (OTP) encryption in conjunction with least significant bit (LSB) image encoding. There are three programs included: 1. Encrypt -- Allows yo
CryptCrypt
Console application for encrypting your files using GOST, DES, AES algorithm. Allows to encrypt & decrypt files of any size with these four algorithms. The application is running in console mode (use cmd.exe to run the application or FAR, Norton Commander)
Microsoft Exchange 2000 Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU ResourcesMicrosoft Exchange 2000 Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources
To support the exchange of mail with heterogeneous systems, Exchange messages use the attributes of SMTP mail messages that are specified by RFC's 821 and 822. There is a flaw in the way Exchange 2000 handles certain malformed RFC message attributes on rec
SecExFile Home EditionSecExFile Home Edition
From the developer: "This file encryption software uses a secure 128 bit cipher incorporating the AES candidate Twofish algorithm to warrant the security of your valuable data. SecExFile integrates fully with Windows Explorer and features an easy to use in
USB Flash Security++ Group EditionUSB Flash Security++ Group Edition
USB Flash Security is a security tool for mobile devices. It can help you to protect your mobile devices. It features protect data in USB flash memory by a password, format (FAT and FAT32), safely remove software which installed in protected area, limit of
PwdDoubleCheckPwdDoubleCheck
PwdDoubleCheck is an easy-to-use application for checking the strength of your passwords on Windows-based systems. It can be used on both home and business PCs. Our product offers password logging and report printing for company auditing. Activate a trial
WebTV Denial of Service Vulnerability Patch (Windows Me)WebTV Denial of Service Vulnerability Patch (Windows Me)
This patch eliminates a security vulnerability in Microsoft WebTV for Windows. There is a denial of service vulnerability in WebTV for Windows that may allow a malicious user to remotely crash either the WebTV for Windows application and/or the computer sy
Anti-File HackingAnti-File Hacking
Anti-File hacking is a program which handles your privacy problem and also solves the problem of hacking your files either by another user or by a hacker . Anti-File hacking provide unique encryption which protect your files especially your photos and vide
PCTuneUp Program LockPCTuneUp Program Lock
To lock sensitive programs such as tax preparation software, personal finance program or other programs, PCTuneUp Free exe lock is designed for your demands. This free application lock software can lock executable programs on your computer with customized
 

Supported Operating Systems:
Windows 2000 | 
 

Comments on Windows 2000 Unchecked Buffer Help Security Vulnerability Patch:

Comments not found

Name:


Comment:


Enter text from image below:

Turn on images!

 
 
 

Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10

© Pantich 2016 all rights reserved