Vulnerabilities > CVE-2004-0474 - Unspecified vulnerability in Microsoft Windows XP
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
exploit available
Summary
Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable to reproduce this issue.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 3 |
Exploit-Db
| description | Microsoft Windows XP HCP URI Handler Arbitrary Command Execution Vulnerability. CVE-2004-0474. Remote exploit for windows platform |
| id | EDB-ID:23675 |
| last seen | 2016-02-02 |
| modified | 2004-02-09 |
| published | 2004-02-09 |
| reporter | Bartosz Kwitkowski |
| source | https://www.exploit-db.com/download/23675/ |
| title | Microsoft Windows XP HCP URI Handler Arbitrary Command Execution Vulnerability |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0440.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0440.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0450.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0450.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0688.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0688.html
- http://marc.info/?l=bugtraq&m=107652584102003&w=2
- http://marc.info/?l=bugtraq&m=107652584102003&w=2
- http://www.securityfocus.com/archive/1/353248
- http://www.securityfocus.com/archive/1/353248
- http://www.securityfocus.com/bid/9621
- http://www.securityfocus.com/bid/9621
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15101
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15101