Overview
A buffer overflow in Microsoft HTML Help Workshop may allow a remote attacker to execute arbitrary code on a vulnerable system.
Description
Microsoft HTML Help provides a standard help system for the Windows operating system. HTML Help Workshop is a component of the software development kit for HTML Help. A lack of validation on the Contents file field within HTML Help Workshop Project files headers may allow a stack-based buffer overflow to occur. Note that Microsoft HTML Help Workshop is not installed by default on any version of Microsoft Windows. Exploit code for this vulnerability is publicly available. |
Impact
By persuading a user to access a specially crafted HTML Help Workshop Project files (.hhp), a remote attacker may be able to execute arbitrary code. |
Solution
We are unaware of a practical solution to this problem, however we suggest the following workaround to reduce the chances of exploitation: |
|
Vendor Information
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
References
- http://users.pandora.be/bratax/advisories/b008.html
- http://secunia.com/advisories/18740/
- http://eagle.blacksecurity.org/stuff/unl0ck/adv/55k700106.txt.
- http://msdn.microsoft.com/library/default.asp?url=/library/en-us/htmlhelp/html/vsconHH1Start.asp
- http://archives.neohapsis.com/archives/ntbugtraq/2005-q2/0056.html
Acknowledgements
This vulnerability was reported by bratax.
This document was written by Jeff Gennari.
Other Information
CVE IDs: | CVE-2006-0564 |
Severity Metric: | 17.08 |
Date Public: | 2006-02-06 |
Date First Published: | 2006-02-13 |
Date Last Updated: | 2006-02-14 18:19 UTC |
Document Revision: | 51 |