[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    Re: [Full-disclosure] WinXP IE .HLP file 0day
From:       Maurycy Prodeus <mailing-list () isec ! pl>
Date:       2010-02-26 18:04:15
Message-ID: d4c9ac821002261004v718e7610u3a6dec93be11b607 () mail ! gmail ! com
[Download RAW message or body]

> There are loads of known vulns in winhlp32.exe, particularly in the
> decompression routines.  That's why it was removed from Vista, and why
> .hlp files are considered to be dangerous file formats.

.HLP == executable

According to http://en.wikipedia.org/wiki/WinHelp :
"A rather security critical feature is that one can also include a DLL
file containing custom code and associating it with WinHelp topics.
Effectively this makes .HLP files equivalent to executables."

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[prev in list] [next in list] [prev in thread] [next in thread]