Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft windows help vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0199
Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote malicious users to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm).
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Standard
Microsoft Windows Xp
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server Web
NA
CVE-2003-0009
Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote malicious users to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.
Microsoft Windows Xp
Microsoft Windows Me
1 EDB exploit
NA
CVE-2004-1306
Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote malicious users to execute arbitrary code via a crafted .hlp file.
Microsoft Windows 2003 Server R2
Microsoft Windows Nt 4.0
Microsoft Windows Xp
Microsoft Windows 2000
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Web
Microsoft Windows 2003 Server Datacenter 64-bit
Microsoft Windows 2003 Server Standard
1 EDB exploit
NA
CVE-2003-0907
Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote malicious users to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.
Microsoft Windows Xp -
Microsoft Windows Server 2003 -
NA
CVE-1999-0716
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
Microsoft Windows Nt 4.0
Microsoft Windows Nt
Microsoft Windows 2000
1 EDB exploit
NA
CVE-2004-1043
Internet Explorer 6.0 on Windows XP SP2 allows remote malicious users to execute arbitrary code by using the "Related Topics" command in the Help ActiveX Control (hhctrl.ocx) to open a Help popup window containing the PCHealth tools.htm file in the local zone and inject...
Microsoft Internet Explorer 6.0
Microsoft Windows Xp
1 EDB exploit
NA
CVE-2002-0694
The HTML Help facility in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP uses the Local Computer Security Zone when opening .chm files from the Temporary Internet Files folder, which allows remote ...
Microsoft Windows 2000
Microsoft Windows 98
Microsoft Windows 98se
Microsoft Windows Nt 4.0
Microsoft Windows Xp
Microsoft Windows Me
Microsoft Windows 2000 Terminal Services
NA
CVE-2010-1885
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote malicious users to bypass the trusted documents whitelist (fromHCP option) and exe...
Microsoft Windows Xp
Microsoft Windows 2003 Server
Microsoft Windows Xp -
Microsoft Windows Server 2003
2 EDB exploits
14 Articles
NA
CVE-2006-1591
Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted malicious users to execute arbitrary code via crafted embedded image data in a .hlp file.
Microsoft Windows 2000
Microsoft Windows 2003 Server Standard
Microsoft Windows Nt 4.0
Microsoft Windows Xp
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Web
8.8
CVSSv3
CVE-2021-34481
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install p...
Microsoft Windows Server 2008 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 2004
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
3 Github repositories
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »