CVE-2004-0474

Windows XP - Arbitrary File Read and Execution via Help Center URL Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0474. PoCs published by Bartosz Kwitkowski.

AI-analyzed exploit summary: The provided text describes a vulnerability in the Microsoft Windows XP HCP URI handler that allows arbitrary command execution via specially crafted URIs. It includes examples of exploit vectors but lacks executable code.

Description

Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable to reproduce this issue.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Bartosz Kwitkowski · text · remote · windows
https://www.exploit-db.com/exploits/23675

Classification: Writeup 80%
Attack Type: RCE
Complexity: Trivial
Reliability: Theoretical
Target: Microsoft Windows XP SP1 (Polish versions confirmed)
No auth needed
Prerequisites: User interaction required to follow a malicious link
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0688.html
Exploit mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/353248
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9621
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15101
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0450.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107652584102003&w=2
Exploit, Vendor Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0440.html

Scores

EPSS 0.1620
EPSS Percentile 96.5%

Details

Status published
Products (1)
microsoft/windows_xp (3 CPE variants)
Published Jul 07, 2004
Tracked Since Feb 18, 2026