CVE-2007-0427

Опубликовано: 23 янв. 2007

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a help project (.HPJ) file with a long HLP field in the OPTIONS section.

Ссылки

http://osvdb.org/31899
http://secunia.com/advisories/23862
http://securityreason.com/securityalert/2177
http://www.anspi.pl/~porkythepig/visualization/hpj-x01.cpp
Exploit
http://www.securityfocus.com/archive/1/457436/100/0/threaded
http://www.securityfocus.com/bid/22135
Exploit
http://osvdb.org/31899
http://secunia.com/advisories/23862
http://securityreason.com/securityalert/2177
http://www.anspi.pl/~porkythepig/visualization/hpj-x01.cpp
Exploit
http://www.securityfocus.com/archive/1/457436/100/0/threaded
http://www.securityfocus.com/bid/22135
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:html_help_workshop:4.03.0002:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.53645

Средний

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8h98-28x3-m78p

github

почти 4 года назад