CVE-2002-0693

Description

Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function.

Related CPE's

Could not find any relations

References

win-html-help-bo(10253)

Vendor Advisory

5874

20021003 Buffer Overflow in IE/Outlook HTML Help

20021009 Thor Larholm security advisory TL#004

20021010 prover of concept code of windows help overflow

oval:org.mitre.oval:def:374

MS02-055

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:P/I:P/A:P

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

PARTIAL

IntegrityImpact

PARTIAL

AvailabilityImpact

PARTIAL

BaseScore

7.5

Created by Yello
About Severity.io