Microsoft » Html Help Workshop : Security Vulnerabilities, CVEs, CVSS score >= 3
CVE-2009-0133
Public exploit
Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564.
Max CVSS
10.0
EPSS Score
5.16%
Published
2009-01-15
Updated
2017-09-29
Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a help project (.HPJ) file with a long HLP field in the OPTIONS section.
Max CVSS
9.3
EPSS Score
94.12%
Published
2007-01-23
Updated
2018-10-16
Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a crafted .cnt file composed of lines that begin with an integer followed by a space and a long string.
Max CVSS
9.3
EPSS Score
90.82%
Published
2007-01-19
Updated
2018-10-16
CVE-2006-0564
Public exploit
Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field.
Max CVSS
7.5
EPSS Score
60.96%
Published
2006-02-06
Updated
2017-07-20
4 vulnerabilities found