CVE-2006-2297
published 2006-05-10CVE-2006-2297: Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to execute arbitrary code via a crafted CHM /…
PriorityP431medium4CVSS 2.0
AVNACHAuNCPIPAN
EXPLOIT
EPSS
19.36%
97.0th percentile
Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to execute arbitrary code via a crafted CHM / ITS file that triggers the overflow while decompiling.
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for execution of 'hh -decompile' against CHM or ITS files, which is a known trigger path for the heap overflow in itss.dll. ↗
- →Inspect CHM and ITS files opened by Internet Explorer or hh.exe for heap corruption attempts in itss.dll (ITSS.DLL library). ↗
- →Alert on user-assisted delivery of crafted CHM/ITS files, particularly those triggering heap-based buffer overflow during decompilation. ↗
- ·Exploitation requires user interaction — the victim must open a malicious CHM/ITS file via Internet Explorer or manually invoke hh -decompile, limiting automated exploitation. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/20061http://securityreason.com/securityalert/886http://www.osvdb.org/25501http://www.reversemode.com/advisories/advisory-itss.pdfhttp://www.securityfocus.com/archive/1/433435/100/0/threadedhttp://www.securityfocus.com/archive/1/433833/30/5040/threadedhttp://www.securityfocus.com/archive/1/433854/100/0/threadedhttp://www.securityfocus.com/bid/17926http://www.vupen.com/english/advisories/2006/1761https://exchange.xforce.ibmcloud.com/vulnerabilities/26340http://secunia.com/advisories/20061http://securityreason.com/securityalert/886http://www.osvdb.org/25501http://www.reversemode.com/advisories/advisory-itss.pdfhttp://www.securityfocus.com/archive/1/433435/100/0/threadedhttp://www.securityfocus.com/archive/1/433833/30/5040/threadedhttp://www.securityfocus.com/archive/1/433854/100/0/threadedhttp://www.securityfocus.com/bid/17926http://www.vupen.com/english/advisories/2006/1761https://exchange.xforce.ibmcloud.com/vulnerabilities/26340
2006-05-10
Published