Integer Overflow in Microsoft Windows Allowing Remote Code Execution via Compiled Help Files
CVE-2005-1208

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2003 Server; Windows Xp; Windows 2000; Windows 98
Vendor: CVE Published:; 14 June 2005

Summary

An integer overflow vulnerability exists in several versions of Microsoft Windows, including 98, 2000, XP SP2, and Server 2003 SP1. This vulnerability arises due to improper handling of specified field sizes in compiled Help (.CHM) files. A crafted Help file containing an oversized field can trigger a heap-based buffer overflow when processed by the system. Successful exploitation could allow an attacker to execute arbitrary code in the context of the affected application, potentially leading to unauthorized access and control of the affected system. Notably, this issue is often exploited through manipulated URLs in Internet Explorer.

References

http://www.securityfocus.com/bid/13953

vdb-entryx_refsource_BID

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://secunia.com/advisories/15683

third-party-advisoryx_refsource_SECUNIA

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 14, 2005
Vulnerability Reserved
Apr 22, 2005