Hilgraeve HyperTerminal Session Data Buffer Overflow Vulnerability

A remote buffer overflow vulnerability affects the session parsing functionality of Hilgraeve HyperTerminal. HyperTerminal is shipped and installed with every copy of Microsoft Windows 98, ME, NT 4.0, 2000, XP, and 2003. It is the default telnet client in Microsoft 98 and ME, but not in Windows NT 4.0, 2000, XP, and 2003.

This issue is due to a failure of the application to properly validate the length of session-related strings prior to copying them into static process buffers. This may be triggered by a malicious session file or through a telnet URI in circumstances where HyperTerminal is configured to be the default handler for the telnet protocol.

An attacker may exploit this issue to execute arbitrary code with the privileges of the unsuspecting user that activates the vulnerable application. This may facilitate unauthorized access or privilege escalation.


Privacy Statement
Copyright 2010, SecurityFocus