CVE-2005-1208 Information

Description

Integer overflow in Microsoft Windows 98 2000 XP SP2 and earlier and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow as demonstrated using a \ms-its:\ URL in Internet Explorer.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0062.html http://secunia.com/advisories/15683 http://www.kb.cert.org/vuls/id/851869 http://www.securityfocus.com/bid/13953 http://www.us-cert.gov/cas/techalerts/TA05-165A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-026 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1057 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A381 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A463