cbcvebase.
CVE-2006-2297
published 2006-05-10

CVE-2006-2297: Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to execute arbitrary code via a crafted CHM /…

PriorityP431medium4CVSS 2.0
AVNACHAuNCPIPAN
EXPLOIT
EPSS
19.36%
97.0th percentile
Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to execute arbitrary code via a crafted CHM / ITS file that triggers the overflow while decompiling.

Detection & IOCsextracted from sources · hover to see the quote

urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/27850.chm
filename27850.chm
filenameitss.dll
commandhh -decompile
  • Monitor for execution of 'hh -decompile' against CHM or ITS files, which is a known trigger path for the heap overflow in itss.dll.
  • Inspect CHM and ITS files opened by Internet Explorer or hh.exe for heap corruption attempts in itss.dll (ITSS.DLL library).
  • Alert on user-assisted delivery of crafted CHM/ITS files, particularly those triggering heap-based buffer overflow during decompilation.
  • ·Exploitation requires user interaction — the victim must open a malicious CHM/ITS file via Internet Explorer or manually invoke hh -decompile, limiting automated exploitation.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.