Published: 07/03/2003 Updated: 12/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote malicious users to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows xp
microsoft windows me

source: wwwsecurityfocuscom/bid/6966/info The Microsoft Windows ME Help and Support Center is prone to a buffer overflow This is due to insufficient bounds checking on input supplied through the HCP URI parameter An attacker can exploit this vulnerability by making a HCP request with an overly long string This will trigger the overflo ...

NVD-CWE-Other http://www.securityfocus.com/bid/6966 http://www.iss.net/security_center/static/11425.php http://www.ciac.org/ciac/bulletins/n-047.shtml http://www.kb.cert.org/vuls/id/489721 http://www.osvdb.org/6074 http://marc.info/?l=bugtraq&m=104636383018686&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-006 https://nvd.nist.gov https://www.exploit-db.com/exploits/22289/https://www.kb.cert.org/vuls/id/489721

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0009

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect