Microsoft Windows Help File Unspecified Heap Overflow Vulnerability

Microsoft Windows Help File Unspecified Heap Overflow Vulnerability

The Microsoft Windows Help File viewer is reported prone to a heap-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data into insufficiently sized memory buffers.

This vulnerability presents itself when the application handles a specially crafted Windows Help ('.hlp') file.

A successful attack may facilitate arbitrary code execution in the context of a vulnerable user who opens a malicious file. Failed exploit attempts will likely result in denial-of-service conditions.