CVE-2004-0474 | Vulnerability Database | Aqua Security

Help Center (HelpCtr.exe) may allow remote attackers to read or execute arbitrary files via an http:// or file:// argument to the topic parameter in an hcp:// URL. NOTE: since the initial report of this problem, several researchers have been unable to reproduce this issue.

Affected Software

Name	Vendor	Start Version	End Version
Windows_xp	Microsoft	*	*

References

http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0440.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0450.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0688.html
http://marc.info/?l=bugtraq\u0026m=107652584102003\u0026w=2
http://www.securityfocus.com/archive/1/353248
http://www.securityfocus.com/bid/9621
https://exchange.xforce.ibmcloud.com/vulnerabilities/15101
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0440.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0450.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0688.html
http://marc.info/?l=bugtraq\u0026m=107652584102003\u0026w=2
http://www.securityfocus.com/archive/1/353248
http://www.securityfocus.com/bid/9621
https://exchange.xforce.ibmcloud.com/vulnerabilities/15101

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0474
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html