Security Home > Windows 95, 98 & ME

HyperTerminal Buffer Overflow Vulnerability

A security vulnerability exists in the HyperTerminal application which allow a malicious user to execute arbitrary code on another user’s system.

Issue

The HyperTerminal application is a utility that installs, by default, on all versions of Windows 98, 98SE, Windows ME, Windows NT, and Windows 2000. The product contains an unchecked buffer in a section of the code that processes Telnet URLs. If a user opened an HTML mail that contained a particularly malformed Telnet URL, it would result in a buffer overrun that could enable the creator of the mail to cause arbitrary code to run on the user’s system.

Affected Products

  • HyperTerminal

Solution

Software patches are available from the following locations:

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: October 18, 2000

>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<