The HTML Help facility in Windows includes an ActiveX control that provides much of its functionality. One of the functions that is exposed through the control contains an unchecked buffer. This buffer may be exploited by a Web page that is hosted on an attacker's site or that is sent to a user as an HTML message. An attacker who successfully exploits the vulnerability can run code in the security context of the user, and as a result, an attacker can gain the same privileges as the user on the computer.
Requirements:
Windows XP