11 matches found
CVE-2004-0200
CVE-2004-0200 is a buffer-overflow vulnerability in the JPEG parsing engine of Microsoft GDI+ (GDIPlus.dll). The flaw allows remote code execution when a specially crafted JPEG image is processed, with the attack vector involving JPEG data that is mis-sized during a memory copy. The vulnerability...
CVE-2008-4254
CVE-2008-4254 describes a remote code execution vulnerability in the Microsoft Visual Basic 6.0 Runtime Extended Files Hierarchical FlexGrid ActiveX control (mshflxgd.ocx). The issue arises from multiple integer overflows in the Hierarchical FlexGrid control when manipulating the Rows/Cols proper...
CVE-2008-3704
CVE-2008-3704 corresponds to a heap-based buffer overflow in the MaskedEdit ActiveX control (Msmask32.ocx) that occurs when a long Mask parameter is processed. The defect affects Msmask32.ocx version 6.0.81.69 and possibly earlier versions (up to 6.0.84.18), within Microsoft Visual Studio 6.0, Vi...
CVE-2008-4255
MODE_C: CVE-2008-4255 maps to a heap-based buffer overflow in MS MSCOMCT2.OCX (Visual Basic 6.0 ActiveX control) used by VB6 runtimes, Visual FoxPro, and Office Project components. The flaw occurs when parsing a malformed AVI stream, leading to memory corruption and remote code execution. Affecte...
CVE-2008-4256
The CVE-2008-4256 entry maps to the Charts ActiveX Control memory corruption vulnerability in Microsoft Visual Basic 6.0 runtime components (notably Mschart20.ocx) and related VB/FoxPro runtimes. The root cause is improper error handling when accessing incorrectly initialized objects, enabling re...
CVE-2005-2127
CVE-2005-2127 is a remote code-execution vulnerability in Internet Explorer 5.01/5.5/6 related to memory corruption when instantiating certain COM objects not designed for IE. The issue, documented as COM Object Instantiation Memory Corruption, affects multiple CLSIDs (e.g., Msdds.dll, Blnmgrps.d...
CVE-2008-4252
CVE-2008-4252, -4253, -4254, -4255, -4256 describe memory corruption vulnerabilities in Visual Basic 6.0 ActiveX Controls (DataGrid, FlexGrid, Hierarchical FlexGrid, Windows Common AVI Parsing, Charts, Masked Edit). Exploitation vector involves remote code execution by delivering a crafted web pa...
CVE-2008-4253
CVE-2008-4253 is a remote code execution vulnerability in the FlexGrid ActiveX control used by Visual Basic 6.0, Visual FoxPro 8.0 SP1/9.0 SP1/SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3. The issue arises when the ActiveX control handles errors during access to improperly initiali...
CVE-2007-1201
CVE-2007-1201 is a remote code execution vulnerability in Microsoft Office Web Components 2000 related to the DataSource handling that can trigger memory corruption. Multiple sources describe the DataSource Vulnerability as allowing an attacker to execute arbitrary code in the user’s context by v...
CVE-2006-6133
CVE-2006-6133 is a remote-code-execution flaw in Crystal Reports for Visual Studio, affecting Visual Studio 2002/2003/2005 variants that bundle Crystal Reports. The vulnerability lies in how RPT files are parsed, allowing a crafted RPT file to execute arbitrary code with the caller’s privileges w...
CVE-2007-1512
The CVE-2007-1512 entry describes a stack-based overflow in the MFC component (AfxOleSetEditMenu) of MFC42u.dll when processing an RTF file with a malformed embedded OLE object. This affects Windows 2000 SP4, XP SP2, and Server 2003 SP1/Gold, and Visual Studio .NET 2000/2002/2003 families. The ov...