Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: WinXP IE .HLP file 0day
From: Peter Ferrie <peter.ferrie () gmail com>
Date: Fri, 26 Feb 2010 09:30:44 -0800

Rather funny than scary:
http://isec.pl/vulnerabilities10.html

There are loads of known vulns in winhlp32.exe, particularly in the
decompression routines.  That's why it was removed from Vista, and why
.hlp files are considered to be dangerous file formats.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]