Vulnerability Note VU#187196
Microsoft Windows fails to properly process showHelp URLs
A vulnerability in the showHelp method may allow a remote attacker to execute arbitrary code.
A cross-domain vulnerability exists in the showHelp method that may permit a remote attacker to execute local commands on the system with the privileges of the current user. Exploitation of this vulnerability would require the user to visit a malicious website or otherwise visit a crafted URL and then take several interactive steps.
Note that Microsoft states that they have received reports that this vulnerability is being actively exploited.
A remote attacker may be able to execute local commands on the system with the privileges of the current user.
Microsoft has provided a patch in Microsoft Security Bulletin MS04-023.
Microsoft recommends several workarounds to help mitigate attack vectors. These include strengthening the security settings for the Local Machine zone in Internet Explorer, unregistering HTML Help, and reading e-mail messages in plain-text format. See Microsoft Security Bulletin MS04-023 for full details and the impacts of implementing these workarounds.
Systems Affected

| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Microsoft Corporation | Affected | - | 14 Jul 2004 |
Thanks to Microsoft for reporting this vulnerability.
This document was written by Jason A Rafail and is based on information from Microsoft Security Bulletin MS04-023.
- CVE IDs: CAN-2003-1041
- Date Public: 13 Jul 2004
- Date First Published: 14 Jul 2004
- Date Last Updated: 14 Jul 2004
- Severity Metric: 25.51
- Document Revision: 5