Welcome to TheBUGS - Security related portal. Search crack, serial number, keygen, patch, activation unlock code  - Microsoft Windows "itss.dll" Heap Corruption Vulnerability
Press CTRL-D to bookmark us
Cracks, serial number, activation, unlock code, nocd
Welcome GuestLogin / Register / Members
Merge or split your pdf files ONLINE and FREE
Bookmark us | Set As Homepage | Advertising | Feedback | Recomend us | Link us | Your comments | Gallery | Terms
Security News | Security Library | Forums | Top Sites | Direct Downloads | Cracks / SN | Links | Books |
  -
 Network
 Top sites
 Direct Download Links
 Password Generator
 Cheats
 HackZone.RU - HACK & CRACK & ВЗЛОМ

 
 Forums
 Best Sites

 Full list
 Your site here
 
 Sponsor
 Partners

CrackSpider.NET

CrackTeam.ws

KeyGen.us



Manuals.ws

Mobile-Review.ws

Your link here
 


You are welcome to post comments and suggestions

Copyright 2001-2008 by Freeman
Search in

> TOP10 SECURITY SITES <
Your site here
Your site here
Your site here
Your site here
Your site here
Your site here
Your site here
Your site here
Your site here
Your site here
>> Your site here <<

Top Submit newsSubscribe
Access Control // Auditing // Communication // Computer Crime // Confidentiality // Cryptography // Digital Imaging // Exploit // Gadgets // Hack // Hardware // Incidents // Internet // Intrusion Detection // Linux // Malicious Code // Microsoft Windows // Mobile // Other // PDA // Phreaking // Privacy // Software Updates // Virus // Vulnerability //


Previous articleBack to news listNext article
 
 Sponsored links

Want to become one of our authors and see your work published on TheBUGS ?
 
 Microsoft Windows "itss.dll" Heap Corruption Vulnerability
Categorie: Vulnerability
Posted: 2006-05-11 by DiMan
Views: 1757
Source: Click here
 
Current Rating: Not rated
Poor Best
 Details
Rubén Santamarta has discovered a vulnerability in Microsoft Windows, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the Infotech Storage System Library (itss.dll) when reading a ".CHM" file. This can be exploited to cause heap corruption and may allow arbitrary code execution via a specially crafted ".CHM" file.

Successful exploitation requires that the user is e.g. tricked in opening or decompiling a malicious ".CHM" file using "hh.exe".

The vulnerability has been confirmed in Windows XP SP2 (fully patched) and also reported in Windows 2000 SP4. Other versions may also be affected.

NOTE: The CHM file format should be considered insecure and treated similar to an executable file. However, this vulnerability is triggered even when the user decompiles the file without opening it.

Solution:
The vulnerability will reportedly be fixed in the next Service Pack.

Do not open or decompile untrusted ".CHM" files.
 
Syndication
Permalink Email this

The URI to TrackBack this entry is:
http://www.thebugs.ws/news/trackback.php?id=1607

User comments (post your comments here)

Only registerd members can post comments and articles
 

Previous articleBack to news listNext article
 

 Last security news  Last forum messages
  • Bluesoleil (general bluetooth) drivers update 2.3.060728...
  • Blu-ray, HD DVD DRM busted...
  • FBI database hacked...
  • Phishing by phone...
  • Microsoft France site cracked...
  • Social networks poised to shape Net's future...
  • Windows Vista Beta 2 Available for Public Download...
  • Hacker Steals Energy Department Employee Data...
  • PQI Introduces 64GB NAND Flash 2.5" Disks...
  • MSIE (mshtml.dll) OBJECT tag vulnerability...

    More news... Submit news RSS
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: * Cast-soft Wysiwyg R37 cracked *
  • Cracks and Serials / Re: impГґt expert 2016
  • Cracks and Serials / Re: Ufile / ImpotExpert 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016
  • Cracks and Serials / Re: TurboTax for Canadians 2016

    Go to forums... RSS



  • Ya-Cyt SpyLOG - Спайлог Page Rank Checker