Full Disclosure: Re: WinXP IE .HLP file 0day

Re: WinXP IE .HLP file 0day

From: Peter Ferrie <peter.ferrie () gmail com>
Date: Fri, 26 Feb 2010 09:30:44 -0800

Rather funny than scary:
http://isec.pl/vulnerabilities10.html


There are loads of known vulns in winhlp32.exe, particularly in the
decompression routines.  That's why it was removed from Vista, and why
.hlp files are considered to be dangerous file formats.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

WinXP IE .HLP file 0day Maurycy Prodeus (Feb 26)
- Re: WinXP IE .HLP file 0day Peter Ferrie (Feb 26)
  - Re: WinXP IE .HLP file 0day Maurycy Prodeus (Feb 26)