Re: WinXP IE .HLP file 0day
From: Maurycy Prodeus <mailing-list () isec pl>
Date: Fri, 26 Feb 2010 19:04:15 +0100
There are loads of known vulns in winhlp32.exe, particularly in the
decompression routines. That's why it was removed from Vista, and why
.hlp files are considered to be dangerous file formats.
.HLP == executable
According to http://en.wikipedia.org/wiki/WinHelp :
"A rather security critical feature is that one can also include a DLL
file containing custom code and associating it with WinHelp topics.
Effectively this makes .HLP files equivalent to executables."
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/