Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: WinXP IE .HLP file 0day
From: Maurycy Prodeus <mailing-list () isec pl>
Date: Fri, 26 Feb 2010 19:04:15 +0100

There are loads of known vulns in winhlp32.exe, particularly in the
decompression routines.  That's why it was removed from Vista, and why
.hlp files are considered to be dangerous file formats.

.HLP == executable

According to http://en.wikipedia.org/wiki/WinHelp :
"A rather security critical feature is that one can also include a DLL
file containing custom code and associating it with WinHelp topics.
Effectively this makes .HLP files equivalent to executables."

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]