CVE-2004-1306

Name of the Vulnerable Software and Affected Versions: Windows NT, Windows 2000 through SP4, Windows XP through SP2, Windows 2003

Description: A heap-based buffer overflow issue exists, allowing remote attackers to execute arbitrary code via a crafted .hlp file. This issue is related to the winhlp32.exe component.

Recommendations: For Windows NT, consider applying security patches or updates to address the issue. For Windows 2000 through SP4, apply the available security patch to fix the problem. For Windows XP through SP2, update to a newer service pack or apply a security patch. For Windows 2003, apply a security patch or update to resolve the issue. As a temporary workaround, consider restricting access to .hlp files or disabling the winhlp32.exe component until a patch is available.