Windows 2000 Unchecked Buffer Help Security Vulnerability Patch for Windows 2000 Free Download in Security Software Tag

Database Management Software  Communication Software  Video Software  Video Players  Internet Software  Wireless Networking Software  Business & Office Software  Developer Tools  Privacy Software & Access control  Graphic Design Software  Networking Software  Educational & Science Software  Database Software  CAD Software  Digital Photo Software  System Utilities  3D Modeling Software  Games  Disk & File Software  Security Software  Audio Software 
Search by Category
Audio Software
Business & Office Software
CD & DVD Software
Communication Software
Desktop Enhancements
Developer Tools
Digital Photo Software
Disk & File Software
Educational & Science Software
Entertainment & Hobby Software
Graphic Design Software
Home & Family Software
Internet Software
iTunes & iPod Software
Networking Software
Productivity Software
Security Software
Antivirus Software
Corporate Security Software
Encryption & Decryption Software
Firewall Software
Internet Security Software Suites
Password Managers
Privacy Software & Access control
Security Monitoring Software
System Utilities
Travel & Navigation Software
Video Software
Web Development Software

Windows 2000 Unchecked Buffer Help Security Vulnerability Patch

Windows 2000 Unchecked Buffer Help Security Vulnerability Patch
Version: MS02-055
Platforms: Windows

Categories: Security Software
Upload Date: 2 Nov 15
Developer: Microsoft
Distribution Type: Freeware
Downloads: 0
File Size: 876 Kb
Free Download Windows 2000 Unchecked Buffer Help Security Vulnerability Patch 

Rating: 1.0/5 (Total votes: 1)

The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a Web page hosted on an attacker?s site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.

A second vulnerability exists because of flaws associated with the handling of compiled HTML Help files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a Web page or HTML mail delivers a CHM file to the Temporary Internet Files folder and subsequently opens it. Instead of handling the CHM file in the correct zone--the one associated with the Web page or HTML mail that delivered it--the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. This error is compounded by the fact that the HTML Help facility doesn?t consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Folder is clearly not trusted, regardless of the Security Zone it renders in.

The attack scenario for this vulnerability would be complex, and involves using an HTML mail to deliver a CHM file that contains a shortcut, then making use of the flaws to open it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.


Windows 2000

Like it? Share with your friends!   

Other Windows Software of Developer «Microsoft»:

Exchange 5.5 Information Store Patch 2657.74Exchange 5.5 Information Store Patch 2657.74
Exchange 5.5 Information Store Patch 2657.74 resolves problems that were found in the Exchange Server 5.5 Information Store since SP4 was released. This version is the first release on CNET is new in this release:This version is the first
Web Client Software Factory - June 2007Web Client Software Factory - June 2007
The Web Client Software Factory provides an integrated set of guidance that assists architects and developers in creating composite Web client applications. This version is the first release on CNET is new in this release:This version is
Compression Configuration Tool for Microsoft Internet Security and Acceleration (ISA) Server 2004 Service Pack 2 (SP2)Compression Configuration Tool for Microsoft Internet Security and Acceleration (ISA) Server 2004 Service Pack 2 (SP2)
Use SetCompConfig.vbs to configure the minimum packet size and enable range compression for HTTP compression. ISA Server 2004 SP2 introduces HTTP compression. The configuration settings for HTTP compression apply to all HTTP traffic that passes through ISA
Galactic Reign for Windows 8Galactic Reign for Windows 8
Galactic Reign is a head-to-head game of tactical expansion and conquest. You and your opponent colonize planets, design ships, and build fleets as you fight for domination of the galaxy. Ship design is crucial, as you must predict what their opponent is b
ISAPI Automation Server ExtensionISAPI Automation Server Extension
ISAPI Automation Server Extension is an update containing the latest version of the FoxIsapi Web utility. ISAPI Automation Server Extension contains a newer version than that included in Visual FoxPro 6.0 Service Pack 3. The new version now includes improv
Microsoft Plus PhotoStory LEMicrosoft Plus PhotoStory LE
Similar to RealSlideshow, Microsoft's PhotoStory allows you to create slideshows using your digital photos. With a single click, you can touch-up, crop, or rotate pictures. Add stunning special effects, soundtracks, and your own voice narration to your pho
Windows Identity Foundation for Windows Vista and Windows Server 2008 (32-bit)Windows Identity Foundation for Windows Vista and Windows Server 2008 (32-bit)
Windows Identity Foundation for Windows Vista and Windows Server 2008 (32-bit) build claims-aware applications that externalize user authentication from the application, improving developer productivity, enhancing application security, and enabling interop
Windows NT 4.0 Terminal Server Edition Winsock Mutex Vulnerability PatchWindows NT 4.0 Terminal Server Edition Winsock Mutex Vulnerability Patch
This patch eliminates a security vulnerability in Windows NT 4.0. The vulnerability could allow a malicious user to run a special program to disable an affected computer's network functionality. Like all other objects under Windows NT 4.0, mutexes--synchro
Commerce Server 2002: Deploying a Secure Commerce Server 2002 SiteCommerce Server 2002: Deploying a Secure Commerce Server 2002 Site
Commerce Server 2002: Deploying a Secure Commerce Server 2002 Site is a compiled help file provides detailed instructions for deploying Microsoft Commerce Server 2002 in a secure configuration. These instructions assume you are performing a new deployment,
Microsoft USB Wireless Mouse DriverMicrosoft USB Wireless Mouse Driver
The package provides the installation files for Microsoft USB Wireless Mouse Driver order to manually update your driver, follow the steps below (the next steps):1. Go to Device Manager (right click on My Computer, choose Manage and then find

» show all

Similar Applications:

OneNote Password RecoveryOneNote Password Recovery
OneNote Password Recovery is a program to recover lost or forgotten passwords for Microsoft OneNote notebooks and sections. Multilingual passwords are supported. All versions of Microsoft OneNote are supported. Version 2.0.7 may include unspecified updates
FlashFXP Password RecoveryFlashFXP Password Recovery
Forgot your FTP site password? Despair not! This little utility will recover all FlashFXP passwords for you. Locate the Sites.dat file in your FlashFXP directory, hit the "Decrypt" button and all passwords will be shown. Couldn't be easier.Requirements:Win
MD5/SHA1 Hash ExtractorMD5/SHA1 Hash Extractor
MD5/SHA1 Hash Extractor can be used to form a "practically unique" key of any data. This tiny MD5/SHA1 extractor has a Windows GUI and can extract hashes out of files of terabytes size. When using a one-way hash function, one can compare a calculated messa
PackMan - Package ManagerPackMan - Package Manager
Encryption for e-mail and attachments, or store private files on public servers. PackMan (Package Manager) stores files within its own compressed and ciphered file format. It works very well with outlook or other windows email clients to authenticate and s
Accent Word Password RecoveryAccent Word Password Recovery
Lost a password for opening a Microsoft Word document? Lost a password for saving changes to a document? Not a problem with Accent WORD Password Recovery! The password for saving changes will be found almost instantly. The same goes for passwords for o
eLibrary Creator Basic EditioneLibrary Creator Basic Edition
With "eLibrary Creator" you can make any eLibraries without having any special knowledge or skills. Using eLibrary creator you can create e-libraries with your content to distribute or sale withhigh security like RRK and USB Dongle. What is an eLibrary? G
AxCrypt PortableAxCrypt Portable
AxCrypt Portable features easy to use strong file encryption, integrated with Windows Explorer. Encrypt, compress, decrypt, wipe, view and edit with a few mouse clicks. Cryptographic primitives are AES-128 and SHA-1. A combination of strong symmetric encry
Private RoomPrivate Room
Create a private room on your PC Let you own a private data-space which you can take along with you. And, you can open it on any PC at any time. Keep you private information secret (for the family customer), Transfer data safely and conveniently (for the o
Effective encryption software - SoftProtect It keeps all your confident information from being misused by other persons. Any file or program could be encrypted into one single viable file with the help of this software. You can use USB stick, PC hardware,
Windows 2000 Group Policy File Vulnerability PatchWindows 2000 Group Policy File Vulnerability Patch
This update resolves the "Opening Group Policy Files for Exclusive Read Access Blocks Policy Application" issue affecting Windows 2000 domain controllers and is discussed in Microsoft Security Bulletin MS02-016. Download it to prevent an attacker from bloc

Supported Operating Systems:
Windows 2000 | 

Comments on :

Comments not found



Enter text from image below:

Turn on images!


Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10

© Pantich 2016 all rights reserved