funsec mailing list archives

Microsoft Windows "itss.dll" Heap Corruption Vulnerability


From: "Fergie" <fergdawg () netzero net>
Date: Wed, 10 May 2006 16:05:29 GMT

Via Secunia.

[snip]

Description:
Rubén Santamarta has discovered a vulnerability in Microsoft Windows, which potentially can be exploited by malicious 
people to compromise a user's system.

The vulnerability is caused due to a boundary error in the Infotech Storage System Library (itss.dll) when reading a 
".CHM" file. This can be exploited to cause heap corruption and may allow arbitrary code execution via a specially 
crafted ".CHM" file.

Successful exploitation requires that the user is e.g. tricked into opening or decompiling a malicious ".CHM" file using
"hh.exe".

The vulnerability has been confirmed in Windows XP SP2 (fully patched) and also reported in Windows 2000 SP4. Other 
versions may also be affected.

[snip]

More:
http://secunia.com/advisories/20061/

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

