MS.Windows.Help.Center.Protocol.Malformed.Escape.Sequence

description-logoDescription

This indicates an attack attempt against a vulnerability in Microsoft Help and Support Centre.
The vulnerability is caused by the vulnerable software failing to sanitize malformed escaped sequences. It may allow a remote attacker to execute
arbitrary command via a crafted hcp:// URL.

affected-products-logoAffected Products

Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems

Impact logoImpact

Security Bypass
Arbitrary Command Execution

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)