The host is running Microsoft HTML Help Workshop which is prone to buffer overflow vulnerability.
Successful remote exploitation could context-dependent attackers to execute arbitrary code via a .hhp file with a long index file field. Impact Level: System.
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. For updates refer to http://office.microsoft.com/en-us/orkXP/HA011362801033.aspx
A flaw is due to the way application handle a malformed HTML help workshop project.
Microsoft HTML Help Workshop 4.74 and prior on Windows.
- Yahoo!Messenger is installed
- Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability
- Microsoft Visual Studio Insecure Library Loading Vulnerability
- Microsoft .NET Framework 'RC4' Information Disclosure Vulnerability (2960358)
- Microsoft Office Excel Axis and Art Object Parsing Remote Code Execution Vulnerabilities