source: https://www.securityfocus.com/bid/19490/info

The Microsoft Windows Help File viewer (winhlp32.exe) is prone to multiple remote vulnerabilities.

These vulnerabilities present themselves when the application handles specially crafted Windows Help (.hlp) files.

A successful attack may let the attacker crash the application or execute arbitrary code in the context of a vulnerable user who opens a malicious file.

Specific information regarding affected versions of Microsoft Windows is currently unavailable.

Update: Since help files can inherently execute arbitrary malicious code, this BID is being retired.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/28381.zip