===================================================================== CERT-Renater Note d'Information No. 2005/VULN374 _____________________________________________________________________ DATE : 15/06/2005 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Windows 98, Windows Me, Windows 2000, Windows XP, Windows Server 2003. ====================================================================== http://www.microsoft.com/technet/security/bulletin/MS05-026.mspx MS05-026 - Vulnerability in HTML Help Could Allow Remote Code Execution (896358) - Affected Software: - Windows 2000 Service Pack 3 - Windows 2000 Service Pack 4 - Windows XP Service Pack 1 - Windows XP Service Pack 2 - Windows XP 64-Bit Edition Service Pack 1 (Itanium) - Windows XP 64-Bit Edition Version 2003 (Itanium) - Windows XP Professional x64 Edition - Windows Server 2003 - Windows Server 2003 for Itanium-based Systems - Windows Server 2003 with SP1 for Itanium-based Systems - Windows Server 2003 x64 Edition - Review the FAQ section of bulletin MS05-O26 for information about these operating systems: - Windows 98 - Windows 98 Second Edition (SE) - Windows Millennium Edition (ME) - Impact: Remote Code Execution - Version Number: 1.0 - From the Microsoft Security Bulletin MS05-026: Vulnerability Details HTML Help Vulnerability - CAN-2005-1208 A remote code execution vulnerability exists in HTML Help that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================