| VID |
26066 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Hotfix(KB825119) for 'The Buffer Overflow Vulnerability in Windows Help and Support Center' has not been applied.
Windows Help and Support Center (HSC) is a feature in Windows that provides help on a variety of topics. The HCP protocol can used to execute URL links to open the Help and Support Center feature. Windows is vulnerable to a buffer overflow, caused by an unchecked buffer in a file associated with the HCP protocol. By constructing a malicious web page, and then hosting this link on a web site or directly sending this link to the user in E-Mail, an attacker can execute code of the attacker's choice in the Local Computer security context once the link is clicked. The specific file which actually contains the vulnerable code is present on all versions of Microsoft Windows, but the Help and Support Center functionality, which is required to exploit the vulnerability, is not available or supported on platforms prior to Windows XP.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/MS03-044.asp
http://www.kb.cert.org/vulns/id/467036
* Platforms Affected:
Windows Me
Windows NT 4.0
Windows NT 4.0 Server
Windows NT 4.0 TSE
Windows 2000 Any version
Windows XP Any version
Windows 2003 Server |
| Recommendation |
Upgrade to the IE 5.5 or 6.0 and Apply the appropriate patch, as listed in MS Security Bulletin MS03-044, http://www.microsoft.com/technet/security/bulletin/MS03-044.asp
-- OR --
Patches for Windows platforms are also available from the Windows Update Website: http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2003-0711 (CVE) |
| Related URL |
8828 (SecurityFocus) |
| Related URL |
13420 (ISS) |
|
