Buffer Overflow in Microsoft Help Workshop Affects Multiple Versions
CVE-2007-0352

Currently unrated

Key Information:

Vendor: Microsoft
Status: Html Help Workshop
Vendor: CVE Published:; 19 January 2007

Summary

A stack-based buffer overflow exists in Microsoft Help Workshop version 4.03.0002, which can be exploited by user-assisted remote attackers. The vulnerability arises when processing a crafted .cnt file that consists of lines formatted with an integer followed by a space and a long string. Successful exploitation enables attackers to execute arbitrary code on the affected system, resulting in potential unauthorized access to sensitive data.

References

http://www.securityfocus.com/archive/1/457210/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/31555

vdb-entryx_refsource_XF

http://securitytracker.com/id?1017530

vdb-entryx_refsource_SECTRACK

EPSS Score

77% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 19, 2007
Vulnerability Reserved
Jan 18, 2007