Windows 2000 Unchecked Buffer Help Security Vulnerability Patch for Windows 2000 Free Download in Security Software Tag

     
Tags
Security Software  Video Players  Games  Networking Software  Developer Tools  Digital Photo Software  Graphic Design Software  Privacy Software & Access control  Wireless Networking Software  CAD Software  Disk & File Software  3D Modeling Software  Database Management Software  Business & Office Software  Internet Software  Communication Software  System Utilities  Audio Software  Educational & Science Software  Drivers  Video Software 
Search by Category
Audio Software
Browsers
Business & Office Software
CD & DVD Software
Communication Software
Desktop Enhancements
Developer Tools
Digital Photo Software
Disk & File Software
Drivers
Educational & Science Software
Entertainment & Hobby Software
Games
Graphic Design Software
Home & Family Software
Internet Software
iTunes & iPod Software
Networking Software
Productivity Software
Screensavers
Security Software
Anti-Spyware
Antivirus Software
Corporate Security Software
Encryption & Decryption Software
Firewall Software
Internet Security Software Suites
Keyloggers
Password Managers
Privacy Software & Access control
Security Monitoring Software
System Utilities
Travel & Navigation Software
Video Software
Web Development Software
     




 
 
Windows 2000 Unchecked Buffer Help Security Vulnerability Patch

Windows 2000 Unchecked Buffer Help Security Vulnerability Patch
Version: MS02-055
Platforms: Windows

Categories: Security Software
Upload Date: 2 Nov 15
Developer: Microsoft
Distribution Type: Freeware
Downloads: 0
File Size: 876 Kb
Free Download Windows 2000 Unchecked Buffer Help Security Vulnerability Patch 

Rating: 1.0/5 (Total votes: 1)


 
The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a Web page hosted on an attacker?s site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.

A second vulnerability exists because of flaws associated with the handling of compiled HTML Help files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a Web page or HTML mail delivers a CHM file to the Temporary Internet Files folder and subsequently opens it. Instead of handling the CHM file in the correct zone--the one associated with the Web page or HTML mail that delivered it--the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. This error is compounded by the fact that the HTML Help facility doesn?t consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Folder is clearly not trusted, regardless of the Security Zone it renders in.

The attack scenario for this vulnerability would be complex, and involves using an HTML mail to deliver a CHM file that contains a shortcut, then making use of the flaws to open it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.

Requirements:

Windows 2000

 
Like it? Share with your friends!   
 

Other Windows Software of Developer «Microsoft»:

Microsoft Office 97 Service Release 2 ValuPackMicrosoft Office 97 Service Release 2 ValuPack
The Microsoft Office 97 Service Release 2 (SR-2) ValuPack is an easy way to update the collection of utilities and add-ons included in the original SR-1 ValuPack. If you wish to download individual components of the ValuPack, click on the links to go to th
Money 2002 Utility: Builds RequiredInfoState Registry Key (Checksku.exe)Money 2002 Utility: Builds RequiredInfoState Registry Key (Checksku.exe)
Money 2002 Utility: Builds RequiredInfoState Registry Key (Checksku.exe) builds the RequiredInfoState registry key. In Money 2002, run the Checksku.exe file to build the RequiredInfoState registry key. This version is the first release on CNET Download.com
Office 2003 Research Services Software Development Kit (SDK)Office 2003 Research Services Software Development Kit (SDK)
With the Microsoft Office 2003 Research Service SDK, you can build information services that provide users with robust information sources and actions that make it possible for users to manage information in powerful waysall from within their Office applic
Service Pack 6 for Visual Basic 6.0, Visual C++ 6.0 with Visual Source Safe 6.0dService Pack 6 for Visual Basic 6.0, Visual C++ 6.0 with Visual Source Safe 6.0d
Service Pack 6 for Visual Basic 6.0, Visual C++ 6.0 with Visual Source Safe 6.0d provides the latest updates to these products. It is recommended for all users of Visual Basic 6.0, Visual C++ 6.0 and Visual Source Safe 6.0. This version is the first releas
Microsoft Visual Studio 2005 Team Edition for Database Professionals Power ToolsMicrosoft Visual Studio 2005 Team Edition for Database Professionals Power Tools
Microsoft Visual Studio 2005 Team Edition for Database Professionals Power Tools five new refactoring types, a new dependency viewer, additional data generators and editors, 2 new MSBuild tasks for Schema and Data Compare as well as the introduction of the
FTP Publishing Service for IIS (64-bit)FTP Publishing Service for IIS (64-bit)
The FTP Publishing Service for IIS 7.0 allows Web content creators to publish content more easily and securely to IIS 7.0 Web servers using modern Internet publishing standards. New features like SSL-based authentication and data transfer protect sensitive
BizTalk Server 2000 Code Sample: Automating the Procurement ProcessBizTalk Server 2000 Code Sample: Automating the Procurement Process
This code sample accompanies the technical article, BizTalk Orchestration Example: Automating the Procurement Process (click the Documentation link). The code shows a sample scenario of how to automate Requests for Quotes (RFQ) and purchasing. This version
Image Resizer Powertoy for Windows XPImage Resizer Powertoy for Windows XP
This PowerToy enables you to resize one or many image files with a right-click.
ReportViewer Samples for Visual StudioReportViewer Samples for Visual Studio
Visual Studio 2005 includes new ReportViewer controls that you can use to add rich data reporting to Windows forms and ASP.NET applications. ReportViewer Samples for Visual Studio provides two complete samples so that you can view the control and sample re
Microsoft Windows NT 4.0 Patch: Syskey Keystream Reuse VulnerabilityMicrosoft Windows NT 4.0 Patch: Syskey Keystream Reuse Vulnerability
This patch eliminates a vulnerability in the Windows NT 4.0 Syskey utility. Syskey provides additional cryptographic protection to the passwords stored in the SAM database, but a flaw weakens the protection. This patch restores the protection to its design

» show all

 
Similar Applications:

Idoo File Encryption ProIdoo File Encryption Pro
idoo File Encryption is software that can provide comprehensive and flexible protection to your files and file folders, and you may lock, hide or encrypt files and folders according to your needs. Authority settings helps you to encrypt or hide your HDD ea
Sophos Free EncryptionSophos Free Encryption
Protect your confidential files. Securely sending or storing data can be tricky if you don't have a robust security infrastructure. We make encryption easy for you with Sophos Free Encryption. This free tool lets you secure your data easily and quickly wit
Safetica FreeSafetica Free
Safetica Free offers a complete set of tools for computer security and protection of your data at home or on a journey. It will safely delete unnecessary files and whole disks without the option of recovery. Quickly and without complicated setting.
FreeSecurityFreeSecurity
FreeSecurity is an easy to use, graphical, freeware application that allows you to use encryption to secure your files. FreeSecurity uses strong 128-bit AES encryption (according to NIST, it would take about 149 trillion years to break an AES key using usu
Kaka USB SecurityKaka USB Security
USB Security is the ultimate USB drives security solution ! Password protection of all your data on USB Drives, External Drives, Thumb Drives in seconds. Its advanced protection technique ensures complete security of your data on any USB and External Drive
Remora USB Disk Guard ProRemora USB Disk Guard Pro
Remora USB Disk Guard Pro is a project based file encryption/compression tool, or a strong file encryption/compression switch, which can start up from your USB storage devices. With Remora USB Disk Guard Pro, you can secure all your files anytime and anywh
Aplus PDF Password RemoverAplus PDF Password Remover
PDF password remover used to remove password protection on the PDF files. Also you can remove restriction from PDF files. Application has option to crack User password and Owner password. Without remove User password any one can not be access PDF file. Ut
Izemail for OutlookIzemail for Outlook
Encrypt and sign your e-mail messages, just by pressing the Send button in your e-mail program with Izemail. No need to exchange encryption keys or certificates, no need to go through complex enrollment procedures. The program allows you to send an encrypt
Securepoint Intrusion DetectionSecurepoint Intrusion Detection
From the developer: ""The Securepoint Intrusion Detection tool analyses networks and computer intrusion detections. In the main window where you can select all functions by clicking on the main menu or by clicking on a associated icon. In the IDS logfile
IMSurfSentinelIMSurfSentinel
IMSurfSentinel is an Internet monitoring spy software solution. It allows you to secretly monitor AIM conversations, block AIM conversations, act as a keylogger by monitoring keys, monitor browser activity, record URLs, record screen activity, perform a sc
 

Supported Operating Systems:
Windows 2000 | 
 

Comments on Windows 2000 Unchecked Buffer Help Security Vulnerability Patch:

Comments not found

Name:


Comment:


Enter text from image below:

Turn on images!

 
 
 

Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10

© Pantich 2016 all rights reserved