CVE-2007-0214

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version

Description A remote code execution issue exists in the HTML Help ActiveX control (Hhctrl.ocx), allowing attackers to execute arbitrary code via unspecified functions related to uninitialized parameters, such as uninitialized parameters. This could be exploited by constructing a specially crafted Web page, potentially allowing remote code execution if a user visited that page. An attacker who successfully exploited this issue could take complete control of an affected system.

Recommendations For Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.