9 lines
No EOL
823 B
Text
9 lines
No EOL
823 B
Text
source: http://www.securityfocus.com/bid/17926/info
|
|
|
|
Microsoft Windows is susceptible to a heap-corruption vulnerability while attempting to read specially crafted CHM or ITS files. This occurs in the 'ITSS.DLL' library.
|
|
|
|
This vulnerability allows remote attackers to execute arbitrary machine code in the context of applications using the affected library.
|
|
|
|
Attackers may exploit this issue by coercing users to open malicious CHM or ITS files with Internet Explorer, or when users try to decompile such files using the 'hh -decompile' command. CHM files are considered unsafe files, so there is a possibility that advanced users or security researchers may try to decompile these files to inspect their contents.
|
|
|
|
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/27850.chm |