Intrusion Prevention

MS.Windows.XP.HCP.URI.Handler.Arbitrary.Command.Execution

Description

It indicates a possible exploit of Arbitrary Command Execution Vulnerability in Microsoft Windows XP HCP URI Handler.

A vulnerability is reported in Microsoft Windows XP HCP URI Handler that may allow an attacker to execute arbitrary commands on the vulnerable system. This is due to application helpctr.exe failure to sanitize hcp:// URL request. For exploiting this an attacker may by creating a malicious Web page and hosting it on a Web site or by sending it to a victim as an HTML email.

Affected Products

Microsoft Windows XP Professional SP1.

Impact

Compromise of the affected system.

Recommended Actions

Apply appropriate service pack path from the Microsoft.

Coverage

IPS (Regular DB)
IPS (Extended DB)

ID	10403
Created	Aug 08, 2005
Updated	Jan 13, 2022
Risk
CVE ID	CVE-2004-0474
Exploit Prediction Score	3.68%
Default Action	pass
Active
Affected OS	Windows
Affected App	Other

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Intrusion Prevention

MS.Windows.XP.HCP.URI.Handler.Arbitrary.Command.Execution

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Intrusion Prevention

MS.Windows.XP.HCP.URI.Handler.Arbitrary.Command.Execution

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

Threat Intelligence
Center