Integer overflow in Microsoft Windows 98, 2000, XP SP2 and previous versions, and Server 2003 SP1 and previous versions allows remote malicious users to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows 2003 server enterprise |
||
microsoft windows 2003 server enterprise_64-bit |
||
microsoft windows 2003 server r2 |
||
microsoft windows 2003 server standard |
||
microsoft windows 98 |
||
microsoft windows xp |
||
microsoft windows 2003 server 64-bit |
||
microsoft windows 2003 server datacenter_64-bit |
||
microsoft windows 2003 server standard_64-bit |
||
microsoft windows 2003 server web |
||
microsoft windows 2000 |