Vulnerability in N/a
CVE-2006-2297
Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to execute arbitrary code via a crafted CHM / ITS file that triggers the overflow while decompiling.
EPSS: 0.543 (98.1th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 17926 (vdb-entry, x_refsource_BID)
- ADV-2006-1761 (vdb-entry, x_refsource_VUPEN)
- 886 (x_refsource_SREASON, third-party-advisory)
- 20061 (x_refsource_SECUNIA, third-party-advisory)
- 20060509 [Reversemode] Microsoft Infotech Storage library Heap Corruption (mailing-list, x_refsource_BUGTRAQ)
- 20060512 Re: [Reversemode] Microsoft Infotech Storage library Heap Corruption (mailing-list, x_refsource_BUGTRAQ)
- www.reversemode.com/advisories/advisory-itss.pdf (x_refsource_MISC)
- ms-itssdll-chm-bo(26340) (vdb-entry, x_refsource_XF)
- 25501 (x_refsource_OSVDB, vdb-entry)
- 20060510 Re: [Reversemode] Microsoft Infotech Storage library Heap Corruption (mailing-list, x_refsource_BUGTRAQ)