CVE-2002-0693: Buffer Overflow
First published: Sat Oct 05 2002(Updated: )
Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 2000 | ||
| Microsoft Windows 2000 | =sp1 | |
| Microsoft Windows 2000 | =sp2 | |
| Microsoft Windows 2000 | =sp3 | |
| Microsoft Windows Terminal Services | ||
| Microsoft Windows Terminal Services | =sp1 | |
| Microsoft Windows Terminal Services | =sp2 | |
| Microsoft Windows Terminal Services | =sp3 | |
| Microsoft Windows 9x | =gold | |
| Microsoft Windows 98 | ||
| Microsoft Windows | ||
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows XP | ||
| Microsoft Windows XP | =gold | |
| Microsoft Windows XP | =sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.iss.net/security_center/static/10253.php
- http://www.securityfocus.com/bid/5874
- http://marc.info/?l=bugtraq&m=103365849505409&w=2
- http://marc.info/?l=bugtraq&m=103419115517344&w=2
- http://marc.info/?l=bugtraq&m=103435279404182&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A374
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-055
Frequently Asked Questions
What is the severity of CVE-2002-0693?
CVE-2002-0693 is classified with a high severity rating due to the potential for remote code execution.
How do I fix CVE-2002-0693?
To fix CVE-2002-0693, apply the relevant patches or updates provided by Microsoft for affected Windows versions.
What systems are affected by CVE-2002-0693?
CVE-2002-0693 affects Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, Windows 2000, and Windows XP.
What types of attacks can exploit CVE-2002-0693?
Attackers can exploit CVE-2002-0693 through specially crafted parameters sent to the Alink function.
Can CVE-2002-0693 be exploited without user interaction?
Yes, CVE-2002-0693 can potentially be exploited remotely without requiring user interaction.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/microsoft windows 2000
- version/microsoft windows 2000/sp1
- version/microsoft windows 2000/sp2
- version/microsoft windows 2000/sp3
- canonical/microsoft windows terminal services
- version/microsoft windows terminal services/sp1
- version/microsoft windows terminal services/sp2
- version/microsoft windows terminal services/sp3
- canonical/microsoft windows 9x
- version/microsoft windows 9x/gold
- canonical/microsoft windows 98
- canonical/microsoft windows
- canonical/microsoft windows nt
- version/microsoft windows nt/4.0
- version/microsoft windows nt/4.0-sp1
- version/microsoft windows nt/4.0-sp2
- version/microsoft windows nt/4.0-sp3
- version/microsoft windows nt/4.0-sp4
- version/microsoft windows nt/4.0-sp5
- version/microsoft windows nt/4.0-sp6
- version/microsoft windows nt/4.0-sp6a
- canonical/microsoft windows xp
- version/microsoft windows xp/gold
- version/microsoft windows xp/sp1