Family: Windows : Microsoft Bulletins --> Category: infos
Microsoft Help Center Remote Code Execution (840374) Vulnerability Scan
Vulnerability Scan Summary
Checks for ms04-015 over the registry
Detailed Explanation for this Vulnerability Test
Arbitrary code can be executed on the remote host through the web client.
The remote host contains bugs in the Microsoft Help and Support Center
in the way it handles HCP URL validation. (840374)
A possible hacker could use this bug to execute arbitrary commands on the
remote host. To exploit this bug, a possible hacker would need to lure a user
of the remote host into visiting a rogue website or to click on a link
received in an email.
Microsoft has released a set of patches for Windows 2003 and XP :
High / CVSS Base Score : 8
Click HERE for more information and discussions on this network vulnerability scan.