| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS07-008 | Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928843) | Microsoft Windows | Critical | 14-02-2007 |
Technical Information
Brief overview of the risk:
A remote code execution vulnerability exists in the HTML Help ActiveX control. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user visited that page. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Detailed Information on the risk:
This bulletin covers a vulnerability in the HTML Help ActiveX Control. This issue is difficult to reproduce and public exploitation is considered unlikely.Further information on this exploit is available at : MS07-008
Affected Software
Microsoft Windows 2000 Service Pack 4Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition