VULHUB ™

CERT Advisory CA-2000-12 - HHCtrl ActiveX Control allows local files to be executed. The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file (CHM) to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not address all circumstances under which the vulnerability can be exploited. This document discusses additional ways in which this vulnerability can be exploited.

CERT Advisory CA-2000-12 - HHCtrl ActiveX Control allows local files to be executed. The HHCtrl ActiveX control has a serious vulnerability that allows remote intruders to execute arbitrary code, if the intruder can cause a compiled help file (CHM) to be stored "locally." Microsoft has released a security bulletin and a patch for this vulnerability, but the patch does not address all circumstances under which the vulnerability can be exploited. This document discusses additional ways in which this vulnerability can be exploited.