Hi, I don't know if this has been reported before. I discovered an exploitable buffer overflow vulnerability in "helpctr.exe", which can enable an attacker to execute an arbitrary code on remote users with a malformed url. Example : "hcp://m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m" Note : Dots are important do not remove them. I'm using Windows XP Pro Build 2600 Meliksah Ozoral mozoralat_private
This archive was generated by hypermail 2b30 : Wed Nov 21 2001 - 18:27:22 PST