CVE-2006-1043
MEDIUM severity · CVSS 5.1 · Memory corruption
5.1CVSS MEDIUM
Summary
Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).
Impact & exploitability
Attack vectorNetwork
Attack complexityHigh
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)22%
AV:N/AC:H/Au:N/C:P/I:P/A:P
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://secunia.com/advisories/19081Advisory
- http://securitytracker.com/id?1015721Advisory
- http://www.frsirt.com/exploits/20060305.ms-visual-dbp.c.phpAdvisory
- http://www.vupen.com/english/advisories/2006/0825Advisory
- http://www.osvdb.org/23711
- http://www.securityfocus.com/archive/1/426767/100/0/threaded
- http://www.securityfocus.com/archive/1/426830/100/0/threaded
- http://www.securityfocus.com/bid/16953