Microsoft Windows Help and Support Center Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 11 Jun 2010 4223 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in Microsoft Windows, which could be exploited by remote attackers to compromise a vulnerable system.

1. An error in the "MPC::HTML::UrlUnescapeW()" function within the Help and Support Center application (helpctr.exe) that does not properly check the return code of "MPC::HexToNum()" when escaping URLs, which could allow attackers to bypass whitelist restrictions and invoke arbitrary help files.

2. An input validation error in the "GetServerName()" function in the "C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\commonFunc.js" script invoked via "ShowServerName()" in "C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysinfomain.htm", which could be exploited by attackers to execute arbitrary scripting code in the security context of the Help and Support Center.

By combining these vulnerabilities, a remote attacker can inject malicious code in the Help and Support Center and execute arbitrary commands on a vulnerable system by tricking a user into visiting a specially crafted web page.

Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Windows XP
  • Microsoft Windows Server 2003

Solutions

There is no patch available for this vulnerability currently.

Workaround
Disable the "hcp:" URI handler.

Vulnerability Identifier

Source

Related Link

Share with

Previous

CA PSFormX and WebScan ActiveX Controls Multiple Vulnerabilities

11 Jun 2010 4426 Views

Next

HP OpenView Network Node Manager Buffer Overflow Vulnerabilities

11 Jun 2010 4398 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY