← back
CVE-2004-0474

CVE-2004-0474

EPSS 16.2%
Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an "http://" or "file://" argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable to reproduce this issue.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/23675unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0440.htmlhttp://archives.neohapsis.com/archives/fulldisclosure/2004-02/0450.htmlhttp://archives.neohapsis.com/archives/fulldisclosure/2004-02/0688.htmlhttp://marc.info/?l=bugtraq&m=107652584102003&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/15101http://www.securityfocus.com/archive/1/353248http://www.securityfocus.com/bid/9621