CVE-2007-0427

Name of the Vulnerable Software and Affected Versions Microsoft Help Workshop version 4.03.0002

Description The issue is a stack-based buffer overflow that allows remote attackers to execute arbitrary code. This is achieved through a help project (.HPJ) file with a long HLP field in the OPTIONS section.

Recommendations For Microsoft Help Workshop version 4.03.0002, consider avoiding the use of .HPJ files with long HLP fields in the OPTIONS section until a fix is available. As a temporary workaround, restrict the handling of .HPJ files to minimize the risk of exploitation.