Microsoft VBScript 'winhlp32.exe' 'MsgBox()' Remote Code Execution Vulnerability

Microsoft VBScript is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer.

NOTE: Attackers must use social-engineering techniques to convince an unsuspecting user to press the 'F1' key when the attacker's message box prompts them to do so.

NOTE: Microsoft reports that this issue can not be exploited on Windows Vista, Server 2008, 7, or Server 2008 R2.

NOTE: This document previously mentioned a buffer-overflow affecting 'winhlp32.exe'. That issue has been moved to BID 38473 (Microsoft Internet Explorer 'winhlp32.exe' 'MsgBox()' Stack-Based Buffer Overflow Vulnerability) to better document it.


Privacy Statement
Copyright 2010, SecurityFocus