Lucene search

[email protected]CVE-2007-0468

HistoryJan 24, 2007 - 1:28 a.m.

CVE-2007-0468

2007-01-2401:28:00

[email protected]

web.nvd.nist.gov

cve

2007-0468

buffer overflow

rcdll.dll

msdev.exe

visual c++

msvc

microsoft visual studio 6.0 sp6

arbitrary code

remote attackers

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.259 Low

EPSS

Percentile

96.7%

JSON

Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the “1 TYPELIB MOVEABLE PURE” option in an RC file.

Affected configurations

NVD

Node

microsoftvisual_studioMatch6.0sp6

CPENameOperatorVersion
microsoft:visual_studiomicrosoft visual studioeq6.0

CPE	Name	Operator	Version
microsoft:visual_studio	microsoft visual studio	eq	6.0

References

osvdb.org/31607

secunia.com/advisories/23856

securityreason.com/securityalert/2172

www.anspi.pl/~porkythepig/visualization/rc-kupiekrowe.cpp

www.securityfocus.com/archive/1/457646/100/0/threaded

www.vupen.com/english/advisories/2007/0296

exchange.xforce.ibmcloud.com/vulnerabilities/31665

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.259 Low

EPSS

Percentile

96.7%

JSON

Related for CVE-2007-0468

securityvulns2 prion1 nvd1 cvelist1