Microsoft Windows HTML Help Remote Code Execution Vulnerability

Microsoft Windows HTML Help is affected by a remote code execution vulnerability.

The vulnerability presents itself when the application handles malformed data through the InfoTech protocol (ms-its, its, mk:@msitstore).

An attacker may exploit this issue from a malicious Web page or through HTML email to execute arbitrary code with the privileges of the currently logged in user.

This vulnerability affects any application that utilizes the Windows Help component of Internet Explorer.


Privacy Statement
Copyright 2010, SecurityFocus