The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a Web page hosted on an attacker's site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.
A second vulnerability exists because of flaws associated with the handling of compiled HTML Help files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a Web page or HTML mail delivers a CHM file to the Temporary Internet Files folder and subsequently opens it. Instead of handling the CHM file in the correct zone--the one associated with the Web page or HTML mail that delivered it--the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. This error is compounded by the fact that the HTML Help facility doesn't consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Folder is clearly not trusted, regardless of the Security Zone it renders in.
The attack scenario for this vulnerability would be complex, and would involve using an HTML mail to deliver a CHM file that contains a shortcut, then making use of the flaws to open it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.
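The folder check described above, whose absence let a wrong zone decision stand, can be sketched as follows. This is an added example, not Microsoft's code or part of the patch: the function names, the zone label `local_computer` and the sample command lines are assumptions constructed for illustration. It also applies the same check as a detection over `hh.exe` command lines.

```python
import ntpath
import re

# Constructed sample hh.exe command lines (not taken from the page).
SAMPLE = [
    r'"C:\WINNT\hh.exe" C:\WINNT\Help\windows.chm',
    r'hh.exe "C:\Documents and Settings\alice\Local Settings'
    r'\Temporary Internet Files\Content.IE5\AB12CD34\doc[1].chm"',
    r'hh.exe ms-its:C:\Help\..\Documents and Settings\bob\Local Settings'
    r'\temporary internet files\Content.IE5\x.chm::/a.htm',
]

# Assumption: only the folder named on the page is treated as an untrusted cache.
UNTRUSTED_DIRS = {"temporary internet files"}
_PREFIX = re.compile(r"^(ms-its:|its:|mk:@msitstore:)", re.IGNORECASE)


def chm_path_from_cmdline(cmdline):
    """Extract the CHM path from an hh.exe command line, or None."""
    m = re.search(r'\bhh(?:\.exe)?"?\s+(.*)$', cmdline, re.IGNORECASE)
    if not m:
        return None
    arg = _PREFIX.sub("", m.group(1).strip().strip('"'))
    arg = arg.split("::", 1)[0]  # drop a trailing "::/topic.htm"
    return arg if arg.lower().endswith(".chm") else None


def in_untrusted_folder(path):
    """True if any component of the normalised path is an untrusted cache."""
    parts = ntpath.normpath(path).lower().split("\\")
    return any(p in UNTRUSTED_DIRS for p in parts)


def shortcuts_allowed(path, zone):
    """Require a trusted zone AND a trusted location, not the zone alone."""
    return zone == "local_computer" and not in_untrusted_folder(path)


def flag_events(cmdlines):
    """Return command lines that open a CHM from an untrusted folder."""
    return [c for c in cmdlines
            if (p := chm_path_from_cmdline(c)) and in_untrusted_folder(p)]
```

The match is on long folder names only; a path written with an 8.3 short name would need to be expanded before the check.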
Supported Operating Systems:
Windows 2000