{"vuid":"VU#29795","idnumber":"29795","name":"HHOpen ActiveX Control buffer overflow in OpenHelp method","keywords":["ActiveX Control","HHOpen","buffer overflow","OpenHelp"],"overview":"","clean_desc":"The HHOpen ActiveX control (hhopen.ocx) has a buffer overflow in the OpenHelp method. Because the control is marked safe-for-scripting, an attacker may be able to script this control and exploit the vulnerability when you visit a web page. The classID for the vulnerable control is: {130D7743-5F5A-11D1-B676-00A0C9697233}.","impact":"An attacker may be able to exploit a buffer overflow in the HHOpen ActiveX control and execute arbitrary code on the system of the person visiting a malicious web page.","resolution":"Apply a patch Apply the patch provided by Microsoft in Security Bulletin MS99-037. This patch sets the kill bit which prevents the control from being loaded by Internet Explorer.","workarounds":"Disable \"Script ActiveX controls marked safe for scripting\" In your Internet Explorer security settings, set this option to \"disable\" or \"prompt\".","sysaffected":"","thanks":"","author":"This document was written by Cory F Cohen.","public":["http://www.microsoft.com/technet/security/bulletin/ms99-037.asp","http://www.microsoft.com/technet/security/bulletin/fq99-037.asp","http://home.ntware.com/bugs/activex_bug__5.html"],"cveids":["CVE-1999-0702"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2000-08-19T16:34:34Z","publicdate":"1999-09-10T00:00:00Z","datefirstpublished":"2000-10-31T18:47:37Z","dateupdated":"2000-11-01T15:08:19Z","revision":10,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"15","cam_impact":"15","cam_easeofexploitation":"10","cam_attackeraccessrequired":"15","cam_scorecurrent":"12.65625","cam_scorecurrentwidelyknown":"12.65625","cam_scorecurrentwidelyknownexploited":"25.3125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":12.65625,"vulnote":null}