Intrusion Prevention

MS.Windows.Help.Center.Protocol.Malformed.Escape.Sequence

Description

This indicates an attack attempt against a vulnerability in Microsoft Help and Support Centre.
The vulnerability is caused by the vulnerable software failing to sanitize malformed escaped sequences. It may allow a remote attacker to execute
arbitrary command via a crafted hcp:// URL.

Affected Products

Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems

Impact

Security Bypass
Arbitrary Command Execution

CVE References

CVE-2010-1885