Microsoft VBScript 'winhlp32.exe' 'MsgBox()' Remote Code Execution Vulnerability

Microsoft VBScript 'winhlp32.exe' 'MsgBox()' Remote Code Execution Vulnerability

References:

Investigating a new win32hlp and Internet Explorer issue (Microsoft Security Response Center)
isec-0027-msgbox-helpfile-ie.txt (Maurycy Prodeus)
Microsoft Homepage (Microsoft)
ASA-2010-095 MS10-022 Vulnerability in VBScript Could Allow Remote Code Executio (Avaya)
Microsoft Security Advisory (981169) Vulnerability in VBScript Could Allow Remot (Microsoft)
Microsoft Security Bulletin MS10-022 (Microsoft)
Vulnerability Note VU#612021 Internet Explorer VBScript Windows Help arbitrary c (US-CERT)

Privacy Statement
Copyright 2010, SecurityFocus