cve/2005/CVE-2005-1208.md

CVE-2005-1208

Description

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.

POC

Reference

• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-026

Github

No PoCs found on GitHub currently.