|
|
Microsoft Windows HTML Help API Privilege Escalation Vulnerability
|
Bugtraq ID:
|
8884
|
|
Class:
|
Access Validation Error
|
|
CVE:
|
|
|
Remote:
|
No
|
|
Local:
|
Yes
|
|
Published:
|
Oct 24 2003 12:00AM
|
|
Updated:
|
Oct 24 2003 12:00AM
|
|
Credit:
|
Discovered by "Brett Moore" <brett.moore@security-assessment.com>. This issue was also discovered independantly by Snosoft.
|
|
Vulnerable:
|
Microsoft HTML Help Control 5.2.3735 .1
+
Microsoft Windows 2000 Advanced Server SP4
+
Microsoft Windows 2000 Advanced Server SP3
+
Microsoft Windows 2000 Advanced Server SP2
+
Microsoft Windows 2000 Advanced Server SP1
+
Microsoft Windows 2000 Advanced Server
+
Microsoft Windows 2000 Datacenter Server SP4
+
Microsoft Windows 2000 Datacenter Server SP3
+
Microsoft Windows 2000 Datacenter Server SP2
+
Microsoft Windows 2000 Datacenter Server SP1
+
Microsoft Windows 2000 Datacenter Server
+
Microsoft Windows 2000 Professional SP4
+
Microsoft Windows 2000 Professional SP3
+
Microsoft Windows 2000 Professional SP2
+
Microsoft Windows 2000 Professional SP1
+
Microsoft Windows 2000 Professional
+
Microsoft Windows 2000 Server SP4
+
Microsoft Windows 2000 Server SP3
+
Microsoft Windows 2000 Server SP2
+
Microsoft Windows 2000 Server SP1
+
Microsoft Windows 2000 Server
+
Microsoft Windows 2000 Server Japanese Edition
+
Microsoft Windows 2000 Terminal Services SP4
+
Microsoft Windows 2000 Terminal Services SP3
+
Microsoft Windows 2000 Terminal Services SP2
+
Microsoft Windows 2000 Terminal Services SP1
+
Microsoft Windows 2000 Terminal Services
+
Microsoft Windows 98 SP1
+
Microsoft Windows 98 j
+
Microsoft Windows 98 b
+
Microsoft Windows 98 a
+
Microsoft Windows 98
+
Microsoft Windows 98 With Plus! Pack
+
Microsoft Windows 98SE
+
Microsoft Windows ME
+
Microsoft Windows NT 3.5.1 SP5 alpha
+
Microsoft Windows NT 3.5.1 SP5
+
Microsoft Windows NT 3.5.1 SP4
+
Microsoft Windows NT 3.5.1 SP3
+
Microsoft Windows NT 3.5.1 SP2
+
Microsoft Windows NT 3.5.1 SP1
+
Microsoft Windows NT 3.5.1
+
Microsoft Windows NT 4.0 SP6a alpha
+
Microsoft Windows NT 4.0 SP6a
+
Microsoft Windows NT 4.0 SP6 alpha
+
Microsoft Windows NT 4.0 SP6
+
Microsoft Windows NT 4.0 SP5 alpha
+
Microsoft Windows NT 4.0 SP5
+
Microsoft Windows NT 4.0 SP4 alpha
+
Microsoft Windows NT 4.0 SP4
+
Microsoft Windows NT 4.0 SP3 alpha
+
Microsoft Windows NT 4.0 SP3 alpha
+
Microsoft Windows NT 4.0 SP3
+
Microsoft Windows NT 4.0 SP2 alpha
+
Microsoft Windows NT 4.0 SP2
+
Microsoft Windows NT 4.0 SP1 alpha
+
Microsoft Windows NT 4.0 SP1
+
Microsoft Windows NT 4.0 alpha
+
Microsoft Windows NT 4.0
+
Microsoft Windows NT 3.5
+
Microsoft Windows NT Enterprise Server 4.0 SP6a
+
Microsoft Windows NT Enterprise Server 4.0 SP6
+
Microsoft Windows NT Enterprise Server 4.0 SP5
+
Microsoft Windows NT Enterprise Server 4.0 SP4
+
Microsoft Windows NT Enterprise Server 4.0 SP3
+
Microsoft Windows NT Enterprise Server 4.0 SP2
+
Microsoft Windows NT Enterprise Server 4.0 SP1
+
Microsoft Windows NT Enterprise Server 4.0
+
Microsoft Windows NT Server 4.0 SP6a
+
Microsoft Windows NT Server 4.0 SP6
+
Microsoft Windows NT Server 4.0 SP5
+
Microsoft Windows NT Server 4.0 SP4
+
Microsoft Windows NT Server 4.0 SP3
+
Microsoft Windows NT Server 4.0 SP2
+
Microsoft Windows NT Server 4.0 SP1
+
Microsoft Windows NT Server 4.0
+
Microsoft Windows NT Terminal Server 4.0 SP6
+
Microsoft Windows NT Terminal Server 4.0 SP5
+
Microsoft Windows NT Terminal Server 4.0 SP4
+
Microsoft Windows NT Terminal Server 4.0 SP3
+
Microsoft Windows NT Terminal Server 4.0 SP2
+
Microsoft Windows NT Terminal Server 4.0 SP1
+
Microsoft Windows NT Terminal Server 4.0 alpha
+
Microsoft Windows NT Terminal Server 4.0
+
Microsoft Windows NT Workstation 4.0 SP6a
+
Microsoft Windows NT Workstation 4.0 SP6
+
Microsoft Windows NT Workstation 4.0 SP5
+
Microsoft Windows NT Workstation 4.0 SP4
+
Microsoft Windows NT Workstation 4.0 SP3
+
Microsoft Windows NT Workstation 4.0 SP2
+
Microsoft Windows NT Workstation 4.0 SP1
+
Microsoft Windows NT Workstation 4.0
+
Microsoft Windows Server 2003 Datacenter Edition
+
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+
Microsoft Windows Server 2003 Enterprise Edition
+
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+
Microsoft Windows Server 2003 Standard Edition
+
Microsoft Windows Server 2003 Web Edition
+
Microsoft Windows XP 64-bit Edition SP1
+
Microsoft Windows XP 64-bit Edition
+
Microsoft Windows XP 64-bit Edition Version 2003
+
Microsoft Windows XP Embedded SP1
+
Microsoft Windows XP Embedded
+
Microsoft Windows XP Home SP1
+
Microsoft Windows XP Home
+
Microsoft Windows XP Media Center Edition
+
Microsoft Windows XP Professional SP1
+
Microsoft Windows XP Professional
+
Microsoft Windows XP Tablet PC Edition
|
|
|
|
Not Vulnerable:
|
|
|
|
