Intrusion Prevention



It indicates a possible exploit of "ShowHelp Arbitrary Command Execution vulnerability" in Microsoft Internet Explorer.

A vulnerability is reported in the showhelp() function of Internet explorer that may allow a remote attacker to execute arbitrary code on local computer zone with current user permission. An attacker can exploit this vulnerability to copy malicious code to the local system from internet zone. showhelp() function allows to access help content contained in the HTML page and also can do other actions using pluggable protocols. Cross domain Security restriction can be bypassed while calling showhlep() function so that by crafting malicious web pages it is possible to access information of other domains Or execute arbitrary code on the local system with current user permission.

Affected Products

Microsoft Internet Explorer 6.0 SP1 and earlier versions.


Compromise of the affected system.

Recommended Actions

Apply security patch to the system as given in the Microsoft Security Bulletin MS03-004.

CVE References