CERT-In Vulnerability Note CIVN-2009-12
Microsoft Windows .CHM buffer overflow vulnerability

Original Issue Date:January 21, 2009

Severity Rating: High

Systems Affected

• Windows XP SP3

Overview

A Buffer overflow has been reported in Microsoft Windows XP SP3 while processing .CHM files which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .CHM file.

Description

Microsoft Compiled HTML Help (.CHM files ) is a proprietary format developed by Microsoft for online help files. It has a set of web pages written in a subset of HTML and a hyperlinked table of contents.
The vulnerability is due to improper validation of .CHM files. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to view a malicious .CHM file .The processing of the document could trigger memory corruption and the associated application to crash.

NOTE: Proof-of-concept code to exploit is publicly available on           internet.

Workaround

• Do not open or save unsolicited .CHM files that received from untrusted sources or that received unexpectedly from trusted sources.

References

SecurityFocus
http://www.securityfocus.com/bid/33204

ISS XFORCE
http://xforce.iss.net/xforce/xfdb/47867

CVE Name
CVE-2009-0119

CWE Name
CWE-119

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003