9 lines
No EOL
807 B
Text
9 lines
No EOL
807 B
Text
source: https://www.securityfocus.com/bid/17926/info
|
|
|
|
Microsoft Windows is susceptible to a heap-corruption vulnerability while attempting to read specially crafted CHM or ITS files. This occurs in the 'ITSS.DLL' library.
|
|
|
|
This vulnerability allows remote attackers to execute arbitrary machine code in the context of applications using the affected library.
|
|
|
|
Attackers may exploit this issue by coercing users to open malicious CHM or ITS files with Internet Explorer, or when users try to decompile such files using the 'hh -decompile' command. CHM files are considered unsafe files, so there is a possibility that advanced users or security researchers may try to decompile these files to inspect their contents.
|
|
|
|
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/27850.chm |