CVE-2004-0199

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP and Windows Server 2003 SP1

Description The issue concerns improper validation of HCP URLs in the Help and Support Center, allowing remote attackers to execute arbitrary code. This can be achieved by using certain hcp:// URLs that access the DVD Upgrade capability, specifically dvdupgrd.htm.

Recommendations For Microsoft Windows XP and Windows Server 2003 SP1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.