Windows 2000 Unchecked Buffer Help Security Vulnerability Patch for Windows Free Download in Security Software Tag

     
Tags
Graphic Design Software  Disk & File Software  Communication Software  Wireless Networking Software  Internet Software  System Utilities  Business & Office Software  Security Software  Developer Tools  Video Players  Games  Digital Photo Software  CAD Software  Privacy Software & Access control  Database Management Software  Video Software  3D Modeling Software  Networking Software  Drivers  Audio Software  Educational & Science Software 
Search by Category
Audio Software
Browsers
Business & Office Software
CD & DVD Software
Communication Software
Desktop Enhancements
Developer Tools
Digital Photo Software
Disk & File Software
Drivers
Educational & Science Software
Entertainment & Hobby Software
Games
Graphic Design Software
Home & Family Software
Internet Software
iTunes & iPod Software
Networking Software
Productivity Software
Screensavers
Security Software
Anti-Spyware
Antivirus Software
Corporate Security Software
Encryption & Decryption Software
Firewall Software
Internet Security Software Suites
Keyloggers
Password Managers
Privacy Software & Access control
Security Monitoring Software
System Utilities
Travel & Navigation Software
Video Software
Web Development Software
     




 
 
Windows 2000 Unchecked Buffer Help Security Vulnerability Patch

Windows 2000 Unchecked Buffer Help Security Vulnerability Patch
Version: MS02-055
Platforms: Windows

Categories: Security Software
Upload Date: 2 Nov 15
Developer: Microsoft
Distribution Type: Freeware
Downloads: 0
File Size: 876 Kb
Free Download Windows 2000 Unchecked Buffer Help Security Vulnerability Patch 

Rating: 1.0/5 (Total votes: 1)


 
The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a Web page hosted on an attacker?s site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.

A second vulnerability exists because of flaws associated with the handling of compiled HTML Help files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a Web page or HTML mail delivers a CHM file to the Temporary Internet Files folder and subsequently opens it. Instead of handling the CHM file in the correct zone--the one associated with the Web page or HTML mail that delivered it--the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. This error is compounded by the fact that the HTML Help facility doesn?t consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Folder is clearly not trusted, regardless of the Security Zone it renders in.

The attack scenario for this vulnerability would be complex, and involves using an HTML mail to deliver a CHM file that contains a shortcut, then making use of the flaws to open it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.

Requirements:

Windows 2000

 
Like it? Share with your friends!   
 

Other Windows Software of Developer «Microsoft»:

Visio Viewer 2010Visio Viewer 2010
By using Microsoft Visio 2010 Viewer, Visio users can freely distribute Visio drawings and diagrams to team members, partners, customers, or others, even if the recipients do not have Visio installed on their computers. Internet Explorer also allows for pr
Halo 2 Remembrance Music TrackHalo 2 Remembrance Music Track
"Remembrance" is a choral arrangement by Marty O'Donnell of Halo's track called "The Maw," and was played at the 2003 E3 Halo 2 Theater.Requirements:Windows 98/Me/2000/XP
Microsoft Windows 2000 Patch: Telnet Server Denial of ServiceMicrosoft Windows 2000 Patch: Telnet Server Denial of Service
Windows 2000 UpdateWhat is new in this release:This update resolves the "Telnet Server Flooding" security vulnerability in Microsoft Windows 2000. Download now to prevent a malicious user from sending invalid input information to your Telnet Server. Althou
MapPoint Web Service PHP SampleMapPoint Web Service PHP Sample
This download contains a simple store-locator application that demonstrates how to consume MapPoint Web Service with PHP. This sample application prompts the user for an address and then performs a search for nearby locations that are included in the Fourt
Office XP Tools: Advanced Smart Tag ToolsOffice XP Tools: Advanced Smart Tag Tools
Office XP Tools: Advanced Smart Tag Tools demonstrates three advanced smart tag development tools for the Microsoft Office Smart Tag List Tool (MOSTL): the Smart Tag MOSTL Generator tool, which allows you to build smart tag XML list files; the Smart Tag Li
Gigabyte GA-F2A88X-D3H (rev. 3.0) Microsoft UAA DriverGigabyte GA-F2A88X-D3H (rev. 3.0) Microsoft UAA Driver
APU: - FM2+ Socket: - AMD A series processors - AMD Athlon series processorsChipset: - AMD A88XMemory: - 4 x 1.5V DDR3 DIMM sockets supporting up to 64 GB of system memory - Dual channel memory architecture - Support for DDR3 2400(OC)/2133/1866/1600/1333 M
Microsoft Identity and Access Management SeriesMicrosoft Identity and Access Management Series
Microsoft Identity and Access Management Series is designed to help organizations understand identity and access management issues and related solutions that can be achieved with Microsoft technologies in heterogeneous IT environments. This version is the
Exchange 5.5 Collaboration Data Objects (CDO) PatchExchange 5.5 Collaboration Data Objects (CDO) Patch
This patch addresses problems found in the Exchange Server 5.5 Collaboration Data Objects (CDO) since Service Pack 4 was released. See more information for a list of the fixes that are included in this patch. This version is the first release on CNET Downl
Microsoft Jet SQL for Access 2000 Sample 2Microsoft Jet SQL for Access 2000 Sample 2
These three downloadable samples are provided in conjunction with a series of MSDN Library articles that discuss how to use Microsoft Jet SQL with data from an Access 2000 database. This version is the first release on CNET Download.com.What is new in this
System Update Readiness Tool for Windows Vista (32-bit)System Update Readiness Tool for Windows Vista (32-bit)
System Update Readiness Tool for Windows Vista (32-bit) is being offered because an inconsistency was found in the Windows servicing store which may prevent the successful installation of future updates, service packs, and software. This tool checks your c

» show all

 
Similar Applications:

DoSWF Mini (Flash SWF Encryptor)DoSWF Mini (Flash SWF Encryptor)
DoSWF is a professional encryption tool for Adobe Flash SWF and SWC files. Protect your actionscript and all assets, such as image, sound, and movie. Defend current all Flash decompilers and make your Flash secure. Features include encrypt Adobe Flash SWF
Cloak and Dagger (64-bit)Cloak and Dagger (64-bit)
This is hands down the easiest and most convenient way to protect your files. Using the familiar right-click Windows design, simply click on the file, folder or drive you wish to protect. Select Cloak and Dagger. Enter and confirm your password, give you
CedeCrypt PortableCedeCrypt Portable
CedeCrypt Porttable does not require installation and can be run directly from the memory stick, or external hard disk. The application is contained within a single executable file which makes it extremely portable across PC's. This means you can easily dr
ActiveSpy XP 2003ActiveSpy XP 2003
Know everything happening on your computer. With NGC ActiveSpy you can easily spy everything happening on your computer, easily and in the background, without letting the user know. ActiveSpy will log chat sessions, written e-mails, passwords, ICQ sessions
PazWordPazWord
pazWord allows you to store information you ordinarily keep in your wallet, such as phone numbers, addresses,and credit card numbers. All your stored information is optionally protected by both data encryption and a personal password. pazWord offers you fe
NVS Password ProtectionNVS Password Protection
NVS Password Protection offers password protection for your sensitive information. Built with great encryption and from Network Video Security, a privately owned security business, NVS Password Protection comes equipped with the ability to import and expor
StealthNetWallStealthNetWall
From the developer: ""The StealthNetWall(TM) firewall is a true IP Packet filter. It will prevent PINGS and Trace Routes to your computer. It is simple to install, and there is no complicated configuration needed to protect you from the hackers on the In
ProtectorionProtectorion
Strong and quick encryption for all file types. Secure and recognized industry standard AES 256 bit. Encryption and decryption of folders and files with a mouse click. Safe transportation and exchange of encrypted files. Strong encryption for file on USB f
Chaocrypt SoftwareChaocrypt Software
Chaocrypt Software encrypts and decrypts text, HTML, Word, JPEG, WAV using an advanced chaotic sequence that is non-linear and therefore very difficult to decipher without the keys used to encrypt. The chaotic sequence is based on a unique mathematical for
PassMan-C4PassMan-C4
PassMan-C4 application is a handy password manager designed for safe storing of your sensitive data. Especially your user names, passwords, hexadecimal keys, PINs and others. PassMan-C4 contains 4 basic tools which enable you to make easy and safe manageme
 

Supported Operating Systems:
Windows 2000 | 
 

Comments on Windows 2000 Unchecked Buffer Help Security Vulnerability Patch:

Comments not found

Name:


Comment:


Enter text from image below:

Turn on images!

 
 
 

Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10

© Pantich 2016 all rights reserved