Windows 2000 Unchecked Buffer Help Security Vulnerability Patch for Windows Free Download

     
Tags
System Utilities  Video Players  3D Modeling Software  CAD Software  Business & Office Software  Audio Software  Educational & Science Software  Security Software  Disk & File Software  Games  Networking Software  Internet Software  Communication Software  Drivers  Graphic Design Software  Video Software  Database Management Software  Developer Tools  Wireless Networking Software  Privacy Software & Access control  Digital Photo Software 
Search by Category
Audio Software
Browsers
Business & Office Software
CD & DVD Software
Communication Software
Desktop Enhancements
Developer Tools
Digital Photo Software
Disk & File Software
Drivers
Educational & Science Software
Entertainment & Hobby Software
Games
Graphic Design Software
Home & Family Software
Internet Software
iTunes & iPod Software
Networking Software
Productivity Software
Screensavers
Security Software
System Utilities
Travel & Navigation Software
Video Software
Web Development Software
     




 
 
Windows 2000 Unchecked Buffer Help Security Vulnerability Patch

Windows 2000 Unchecked Buffer Help Security Vulnerability Patch
Version: MS02-055
Platforms: Windows

Categories: Security Software
Upload Date: 2 Nov 15
Developer: Microsoft
Distribution Type: Freeware
Downloads: 0
File Size: 876 Kb
Free Download Windows 2000 Unchecked Buffer Help Security Vulnerability Patch 

Rating: 1.0/5 (Total votes: 1)


 
The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions exposed via the control contains an unchecked buffer, which could be exploited by a Web page hosted on an attacker?s site or sent to a user as an HTML mail. An attacker who successfully exploited the vulnerability would be able to run code in the security context of the user, thereby gaining the same privileges as the user on the system.

A second vulnerability exists because of flaws associated with the handling of compiled HTML Help files that contain shortcuts. Because shortcuts allow HTML Help files to take any desired action on the system, only trusted HTML Help files should be allowed to use them. Two flaws allow this restriction to be bypassed. First, the HTML Help facility incorrectly determines the Security Zone in the case where a Web page or HTML mail delivers a CHM file to the Temporary Internet Files folder and subsequently opens it. Instead of handling the CHM file in the correct zone--the one associated with the Web page or HTML mail that delivered it--the HTML Help facility incorrectly handles it in the Local Computer Zone, thereby considering it trusted and allowing it to use shortcuts. This error is compounded by the fact that the HTML Help facility doesn?t consider what folder the content resides in. Were it to do so, it could recover from the first flaw, as content within the Temporary Internet Folder is clearly not trusted, regardless of the Security Zone it renders in.

The attack scenario for this vulnerability would be complex, and involves using an HTML mail to deliver a CHM file that contains a shortcut, then making use of the flaws to open it and allow the shortcut to execute. The shortcut would be able to perform any action the user had privileges to perform on the system.

Requirements:

Windows 2000

 
Like it? Share with your friends!   
 

Other Windows Software of Developer «Microsoft»:

Microsoft USB Keyboard Driver for Windows 10Microsoft USB Keyboard Driver for Windows 10
The package provides the installation files for Microsoft USB Keyboard Driver 9.8.132.0.In order to manually update your driver, follow the steps below (the next steps):1. Go to Device Manager (right click on My Computer, choose Manage and then find Device
Microsoft Data Access Components (MDAC) Security Patch MS04-003 (64-bit)Microsoft Data Access Components (MDAC) Security Patch MS04-003 (64-bit)
This is the security patch for Microsoft Data Access Components as described in the MS04-003: Security Update for Microsoft Data Access Components. A security issue has been identified in Microsoft Data Access Components version 2.8, that is described in t
SQL Server XML View MapperSQL Server XML View Mapper
Microsoft SQL Server View Mapper enables you to produce an XML View schema file that relates an XDR schema to a SQL Server schema. Using this tool and the documentation requires a working knowledge of both XML and database concepts and terminology. This ve
UPS Support 1.01 for Server Appliance Kit 2.01UPS Support 1.01 for Server Appliance Kit 2.01
The uninterruptible power supply (UPS) support for server appliances provides access to the Microsoft Windows 2000 UPS service using the Server Appliance Kit Web user interface (UI). Through this support, server appliance administrators can access UPS stat
Gigabyte GA-F2A58M-S1 (rev. 3.1) Microsoft UAA DriverGigabyte GA-F2A58M-S1 (rev. 3.1) Microsoft UAA Driver
Key Features: - Socket FM2+ supports AMD FM2+/FM2 A-series APU - GIGABYTE Ultra Durable Technology - GIGABYTE On/Off Charge for USB devices - 1 PCI-E 2.0 x16 interface with AMD Dual Graphics support - Solid capacitors for APU VRM design - 8 USB 2.0 and 4 S
Tabbed Conversations for Microsoft Lync 2010Tabbed Conversations for Microsoft Lync 2010
Tabbed Conversations is an application that provides a tabbed Lync 2010 conversation window to allow multiple instant messaging (IM) conversations in a single window.
Installing and Configuring Virtual PC Images for demonstrating Microsoft CRM 3Installing and Configuring Virtual PC Images for demonstrating Microsoft CRM 3
A Video, Instructions, Links and Educational resources for installing and configuring VPC Images containing Microsoft Dynamics CRM for the purposes of demonstrating Microsoft CRMs features and functionality. This download package is closely tied to three o
Age of Empires III: The WarChiefs Trial VersionAge of Empires III: The WarChiefs Trial Version
You allied with them in Age of Empires III, now experience the full glory of the Iroquois civilization in the new trial version for The WarChiefs expansion pack for Age of Empires III. Features: Play as the versatile Iroquois or the powerful Germans in ski
Microsoft Windows Vista Home PremiumMicrosoft Windows Vista Home Premium
Windows Vista Home Premium allows you to go beyond e-mail and web surfing to improve personal productivity and enjoy digital entertainment. You can search for anything on your computer from virtually anywhere. You'll get improved performance and better pro
Jet 4.0 Service Pack 8 (SP8) Replication File Update - KB321076Jet 4.0 Service Pack 8 (SP8) Replication File Update - KB321076
The Jet Replication Update is an update to Access and Jet files that are used by Microsoft Access and the Access Replication Manager. These files have been updated inconjunction with the release of Microsoft Jet 4.0 Service Pack 8 (SP8). Download now if yo

» show all

 
Similar Applications:

Mirramail Secure Email BusinessMirramail Secure Email Business
Mirramail is a fully featured e-mail program, like Outlook or Outlook Express, except the e-mails you send can be easily secured with 256 bit AES Encryption. Securing your e-mail privacy is as simple as selecting the Encryption level required from a drop-d
dirLockdirLock
dirLock is a simple but easy to use program that lets users lock/unlock any folder on a NTFS volume. DirLock is designed for users who keep their computer turned on/logged in for others to use it. So using this app you'd be able to lock individual folders
PcProxSonarPcProxSonar
The PcProxSonar device attaches to the PC via the USB port and is configured by the system as a keyboard. When you step away from your computer, pcPROX sends keystrokes to the PC that engage a self-locking mechanisms such as a screen saver or your single s
Folder Lock ProFolder Lock Pro
Folder Lock Pro is a professional security tool to lock, hide and protect your folders and files. With very easy to use interface, just a few click, you can lock your folder and keep it safe, no one can open it without a password. This tool also provide pr
TurbineTurbine
In Turbine, the plaintext bytes are XOR combined with a pseudorandom cipher bit stream and transformed by a block cipher with variable block-lengths. The suffix is freely selectable. Depends on this, nobody can see later directly that the Target file is an
EyeOnKeyboardEyeOnKeyboard
EyeOnKeyBoard is software that records all of a PC user's keystrokes to a file. It can automatically run when you start your computer. The full version runs in invisible mode in the background, so other people will not be aware of its existence.Requirement
Desktop USB Security KeyDesktop USB Security Key
This application installs to any USB thumb drive and adds extra security when the user is away from their PC or laptop. First, take out the USB Drive and the PC will go into locked windows mode and also lock the keyboard. Upon return to PC or laptop, inser
CyberSpyCyberSpy
CyberSpy records all e-mails typed and viewed, chat conversations, Web sites, keystrokes, passwords, applications, windows, documents, and even desktop snapshots all in total stealth (if desired). It can be used for monitoring others who use your PC: child
Lalim Msn Messenger Password RecoveryLalim Msn Messenger Password Recovery
Lalim Msn Password is a password recovery tool that is used to recover lost or forgotten passwords for your MSN messenger accounts. It is important that the password you are trying to recover is stored on your computer (i.e. you are recovering your own pa
FarsighterFarsighter
From the developer: "Farsighter monitors a remote computer invisibly by streaming video to a viewer on your computer. You will know exactly what is happening on the remote computer as you see it in real-time. Some applications are: - Monitor your computer
 

Supported Operating Systems:
Windows 2000 | 
 

Comments on Windows 2000 Unchecked Buffer Help Security Vulnerability Patch:

Comments not found

Name:


Comment:


Enter text from image below:

Turn on images!

 
 
 

Windows Software - Free Windows Downloads, Apps, Games, Freeware, Skype, Media Player, Antivirus, Gimp, Live, Starter for Windows XP, Vista, 7, 8, 10

© Pantich 2016 all rights reserved