[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] WinXP IE .HLP file 0day

To: Peter Ferrie <peter.ferrie@xxxxxxxxx>
Subject: Re: [Full-disclosure] WinXP IE .HLP file 0day
From: Maurycy Prodeus <mailing-list@xxxxxxx>
Date: Fri, 26 Feb 2010 19:04:15 +0100

> There are loads of known vulns in winhlp32.exe, particularly in the
> decompression routines.  That's why it was removed from Vista, and why
> .hlp files are considered to be dangerous file formats.

.HLP == executable

According to http://en.wikipedia.org/wiki/WinHelp :
"A rather security critical feature is that one can also include a DLL
file containing custom code and associating it with WinHelp topics.
Effectively this makes .HLP files equivalent to executables."

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] WinXP IE .HLP file 0day
  - From: Maurycy Prodeus
- Re: [Full-disclosure] WinXP IE .HLP file 0day
  - From: Peter Ferrie

Prev by Date: Re: [Full-disclosure] Mozilla firefox 3.6 unpatched phishing vulnerability
Next by Date: Re: [Full-disclosure] Ubuntu Lucid Lynx is Big brother Ubuntu
Previous by thread: Re: [Full-disclosure] WinXP IE .HLP file 0day
Next by thread: [Full-disclosure] John Young of Cryptome on Infowars with Alex Jones
Index(es):
- Date
- Thread