1. Home
  2. CVE Database
  3. CVE-2002-0693
HIGH · 7.5

CVE-2002-0693

Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allow...

Vulnerability Description

Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
MicrosoftWindows 2000All versions
MicrosoftWindows 2000 Terminal ServicesAll versions
MicrosoftWindows 98All versions
MicrosoftWindows 98SeAll versions
MicrosoftWindows MeAll versions
MicrosoftWindows Nt4.0
MicrosoftWindows XpAll versions

References

FAQ

What is CVE-2002-0693?

CVE-2002-0693 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allow...

How severe is CVE-2002-0693?

CVE-2002-0693 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2002-0693?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows 2000 Terminal Services, Microsoft Windows 98, Microsoft Windows 98Se, Microsoft Windows Me.