Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:EXT:DOT-CHM

Severity

 Info

Recommended

 No

Category

 HTTP

Keywords

 Microsoft Compiled Help (.chm) File Download

Release Date

 2004/07/13

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Microsoft Compiled Help (.chm) File Download


This signature detects an attempt to download a Microsoft Compiled Help (.chm) file. Opening a malicious .chm file can allow for arbitrary code execution, leading to system comprimise. This vulnerability is present in Microsoft Windows 2000 and Microsoft Windows XP. Please note that there are legitimate uses for this filetype. Therefore, not all instances of this signature are actual attacks.

Extended Description

Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.

Affected Products

  • Avaya definity_one_media_server
  • Avaya ip600_media_servers
  • Avaya modular_messaging_message_storage_server s3400
  • Avaya s8100
  • Microsoft windows_2000 (:advanced_server)
  • Microsoft windows_2000 (:datacenter_server)
  • Microsoft windows_2000 (:professional)
  • Microsoft windows_2000 (:server)
  • Microsoft windows_2000 (sp1)
  • Microsoft windows_2000 (sp1:advanced_server)
  • Microsoft windows_2000 (sp1:datacenter_server)
  • Microsoft windows_2000 (sp1:professional)
  • Microsoft windows_2000 (sp1:server)
  • Microsoft windows_2000 (sp2)
  • Microsoft windows_2000 (sp2:advanced_server)
  • Microsoft windows_2000 (sp2:datacenter_server)
  • Microsoft windows_2000 (sp2:professional)
  • Microsoft windows_2000 (sp2:server)
  • Microsoft windows_2000 (sp3)
  • Microsoft windows_2000 (sp3:advanced_server)
  • Microsoft windows_2000 (sp3:datacenter_server)
  • Microsoft windows_2000 (sp3:professional)
  • Microsoft windows_2000 (sp3:server)
  • Microsoft windows_2000 (sp4)
  • Microsoft windows_2000 (sp4:advanced_server)
  • Microsoft windows_2000 (sp4:datacenter_server)
  • Microsoft windows_2000 (sp4:professional)
  • Microsoft windows_2000 (sp4:server)
  • Microsoft windows_2003_server enterprise
  • Microsoft windows_2003_server enterprise (:64-bit)
  • Microsoft windows_2003_server enterprise_64-bit
  • Microsoft windows_2003_server r2
  • Microsoft windows_2003_server r2 (:64-bit)
  • Microsoft windows_2003_server r2 (:datacenter_64-bit)
  • Microsoft windows_2003_server standard
  • Microsoft windows_2003_server standard (:64-bit)
  • Microsoft windows_2003_server web
  • Microsoft windows_98 (gold)
  • Microsoft windows_98se
  • Microsoft windows_me
  • Microsoft windows_nt 4.0
  • Microsoft windows_nt 4.0 (:enterprise_server)
  • Microsoft windows_nt 4.0 (:server)
  • Microsoft windows_nt 4.0 (sp1)
  • Microsoft windows_nt 4.0 (sp1:enterprise_server)
  • Microsoft windows_nt 4.0 (sp1:server)
  • Microsoft windows_nt 4.0 (sp1:terminal_server)
  • Microsoft windows_nt 4.0 (sp1:workstation)
  • Microsoft windows_nt 4.0 (sp2)
  • Microsoft windows_nt 4.0 (sp2:enterprise_server)
  • Microsoft windows_nt 4.0 (sp2:server)
  • Microsoft windows_nt 4.0 (sp2:terminal_server)
  • Microsoft windows_nt 4.0 (sp2:workstation)
  • Microsoft windows_nt 4.0 (sp3)
  • Microsoft windows_nt 4.0 (sp3:enterprise_server)
  • Microsoft windows_nt 4.0 (sp3:server)
  • Microsoft windows_nt 4.0 (sp3:terminal_server)
  • Microsoft windows_nt 4.0 (sp3:workstation)
  • Microsoft windows_nt 4.0 (sp4)
  • Microsoft windows_nt 4.0 (sp4:enterprise_server)
  • Microsoft windows_nt 4.0 (sp4:server)
  • Microsoft windows_nt 4.0 (sp4:terminal_server)
  • Microsoft windows_nt 4.0 (sp4:workstation)
  • Microsoft windows_nt 4.0 (sp5)
  • Microsoft windows_nt 4.0 (sp5:enterprise_server)
  • Microsoft windows_nt 4.0 (sp5:server)
  • Microsoft windows_nt 4.0 (sp5:terminal_server)
  • Microsoft windows_nt 4.0 (sp5:workstation)
  • Microsoft windows_nt 4.0 (sp6)
  • Microsoft windows_nt 4.0 (sp6a)
  • Microsoft windows_nt 4.0 (sp6a:enterprise_server)
  • Microsoft windows_nt 4.0 (sp6a:server)
  • Microsoft windows_nt 4.0 (sp6a:workstation)
  • Microsoft windows_nt 4.0 (sp6:enterprise_server)
  • Microsoft windows_nt 4.0 (sp6:server)
  • Microsoft windows_nt 4.0 (sp6:terminal_server)
  • Microsoft windows_nt 4.0 (sp6:workstation)
  • Microsoft windows_nt 4.0 (:terminal_server)
  • Microsoft windows_nt 4.0 (:workstation)
  • Microsoft windows_xp (:64-bit)
  • Microsoft windows_xp (gold)
  • Microsoft windows_xp (gold:professional)
  • Microsoft windows_xp (:home)
  • Microsoft windows_xp (sp1)
  • Microsoft windows_xp (sp1:64-bit)
  • Microsoft windows_xp (sp1:home)

References

  • BugTraq: 10705
  • CVE: CVE-2004-0201
  • URL: http://www.microsoft.com/technet/security/bulletin/MS04-023.mspx
  • URL: http://support.microsoft.com/?kbid=291369

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out