MS.Windows.Winhlp32.Heap.Overflow
Description
This indicates an attempt to exploit a heap overflow vulnerability in Microsoft Windows winhlp32.exe.
The vulnerability is caused by insufficient validation when the vulnerable software parses a malicious Windows Help file (.hlp). It allows remote attackers to execute arbitrary code on the affected system.
Affected Products
Microsoft Windows XP through SP1
Microsoft Windows 2003
Microsoft Windows 2000 through SP4
Microsoft Windows NT through SP6
Impact
System compromise: remote code execution.
Recommended Actions
Do not download or open Windows help (.hlp) files from untrusted sources.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |