Oval Definition:	oval:org.mitre.oval:def:1503
Revision Date: 2007-03-21 Version: 42 Title: Windows 2000 HtmlHelp Heap Overflow Description: Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0201 Platform(s): Microsoft Windows 2000 Product(s): HTML Help Facility Definition Synopsis Software section Windows 2000 is installed AND the version of itss.dll is less than 5.2.3790.185 AND NOT the patch kb840315 is installed AND Configuration section NOT HTML Help is registered
BACK