source: http://www.securityfocus.com/bid/19490/info

The Microsoft Windows Help File viewer (winhlp32.exe) is prone to multiple remote vulnerabilities.

These vulnerabilities present themselves when the application handles specially crafted Windows Help (.hlp) files.

A successful attack may let the attacker crash the application or execute arbitrary code in the context of a vulnerable user who opens a malicious file.

Specific information regarding affected versions of Microsoft Windows is currently unavailable.

Update: Since help files can inherently execute arbitrary malicious code, this BID is being retired.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/28381.zip