Description
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Next Generation Security · textremotewindows
https://www.exploit-db.com/exploits/21485
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4857
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/2991
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9746.php
Vendor Advisory vendor-advisory
x_refsource_mskb
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3Bq293338
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=102822806329440&w=2
Scores
EPSS
0.6456
EPSS Percentile
98.5%
Details
Status
published
Products (2)
microsoft/windows_2000
(2 CPE variants)
microsoft/windows_help
Published
Aug 12, 2002
Tracked Since
Feb 18, 2026