Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0823


Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0823
Last Modified 05 Sep 2008 04:29:02
Published 12 Aug 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000


  • Microsoft Windows Help


MSKB - Q293338

BUGTRAQ - 20020801 Winhelp32 Remote Buffer Overrun

BID - 4857

OSVDB - 2991

XF - htmlhelp-item-bo(9746)

Last Updated: 27 May 2016 10:37:06