Microsoft: >> Windows Xp Security Vulnerabilities
Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL.
CVSS Score
7.5
EPSS Score
0.208
Published
2001-11-21
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.
CVSS Score
9.8
EPSS Score
0.017
Published
2000-04-14
Page 136