56 matches found
CVE-2007-4254
CVE-2007-4254 is a stack-based buffer overflow in the MSVDTActiveX control (VDT70.DLL) used by Microsoft Visual Database Tools Database Designer 7.0 (Visual Studio 6). The NotSafe method accepts a long argument, which can overflow a buffer and enable remote code execution. The vulnerability affec...
CVE-2006-1043
CVE-2006-1043: A stack-based buffer overflow in Microsoft Visual Studio 6.0 and Visual InterDev 6.0 occurs when processing overly long DataProject fields in .dbp or .sln files. Root cause is improper boundary checks for long project name strings in Database Project (.dbp) and Solution (.sln) file...
CVE-2007-4891
CVE-2007-4891 concerns the PDWizard.ocx ActiveX control in Microsoft Visual Studio 6.0. Affected component: PDWizard.ocx (Visual Studio 6.0) with versions 6.0.0.9782 and earlier. Root cause: the PDWizard.ocx ActiveX control exposes dangerous methods (StartProcess, SyncShell, SaveAs, CABDefaultURL...
CVE-2007-4890
CVE-2007-4890 affects the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 within Microsoft Visual Studio 6.0. The vulnerability is an absolute directory traversal in the SaveAs method that allows remote attackers to create or overwrite arbitrary files via a full pathname; the Load method can copy...
CVE-2006-4494
Microsoft Visual Studio 6.0 is affected. The vulnerability arises when remote attackers instantiate specific Visual Studio 6.0 ActiveX COM objects in Internet Explorer (tcprops.dll, fp30wec.dll, mdt2db.dll, mdt2qd.dll, vi30aut.dll), causing memory corruption that can lead to a denial of service a...
CVE-2007-0468
CVE-2007-0468 describes a stack-based buffer overflow in rcdll.dll inside msdev.exe (Visual C++ MSVC) of Microsoft Visual Studio 6.0 SP6. The vulnerability is triggered by a long file path in the RC file’s 1 TYPELIB MOVEABLE PURE option, allowing a user-assisted attacker to execute arbitrary code...