Re: WinXP IE .HLP file 0day

[Peter Ferrie <peter.ferrie () gmail com>]

> Rather funny than scary:
> http://isec.pl/vulnerabilities10.html

There are loads of known vulns in winhlp32.exe, particularly in the
decompression routines.  That's why it was removed from Vista, and why
.hlp files are considered to be dangerous file formats.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/