Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:HHP-BINARY

Severity

 Medium

Recommended

 No

Category

 HTTP

Keywords

 Microsoft HTML Help Workshop File With Binary

Release Date

 2006/02/21

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft HTML Help Workshop File With Binary


This signature detects a Microsoft HTML Help Workshop .HHP file containing binary data sent through HTTP. These files should not contain binary, as it can indicate the presence of shellcode or other corruption.

Extended Description

Microsoft HTML Help Workshop is prone to a remote buffer-overflow vulnerability. The vulnerability occurs when the application handles a malformed HTML Help Workshop Project ('.hhp') file. An attacker may exploit the issue to execute arbitrary code in the context of the application. This vulnerability affects HTML Help Workshop 4.74 and prior versions.

Affected Products

  • Microsoft HTML Help Workshop 4.74

References

  • BugTraq: 33189
  • CVE: CVE-2006-0564
  • CVE: CVE-2009-0133
  • URL: http://www.frsirt.com/english/advisories/2006/0446

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out