[] NeoSense
E X P L O I T S
title author type platform port cve id

Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Integer Overflow

Author: flashsky fangxing
type: remote
platform: windows
port: 
date_added: 2004-12-23 
date_updated: 2013-05-06 
verified: 1 
codes: CVE-2004-1306;OSVDB-12625 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/12091/info

Microsoft Windows is prone to an integer overflow vulnerability. This issue exists in 'winhlp32.exe' and is exposed when a malformed phrase compressed Windows Help file (.hlp) is processed by the program.

Successful exploitation may allow execution of arbitrary code in the context of the user that opens the malicious Help file. The Help file may originate from an external or untrusted source, so this vulnerability is considered remote in nature.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/25049.gz
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.