Lucene search
K
MicrosoftVisual Studio2008

13 matches found

CVE
CVE
added 2009/07/29 5:0 p.m.304 views

CVE-2009-0901

CVE-2009-0901 describes a remote code execution vulnerability in Microsoft Active Template Library (ATL) used by Visual Studio and Windows components. The issue arises when ATL headers mishandle uninitialized VARIANTs, allowing a specially crafted stream to trigger VariantClear on an uninitialize...

9.3CVSS7.4AI score0.42004EPSS
CVE
CVE
added 2010/08/31 7:25 p.m.246 views

CVE-2010-3190

CVE-2010-3190 affects the Microsoft Foundation Class (MFC) library used by Visual Studio (2003 SP1; 2005 SP1/2008 SP1/2010) and Exchange Server 2010/2013. Vulnerability arises from untrusted search path loading of dwmapi.dll in the current working directory, enabling local privilege escalation th...

9.3CVSS7.4AI score0.09038EPSS
CVE
CVE
added 2009/07/29 5:0 p.m.210 views

CVE-2009-2493

CVE-2009-2493 : Microsoft’s ATL vulnerability enables remote code execution when a user loads a specially crafted component/control hosted on a malicious page. The issue is described in MS09-037 (ATL vulnerabilities) and is addressed by Microsoft security bulletin updates; affected products inclu...

9.3CVSS7.2AI score0.43389EPSS
CVE
CVE
added 2009/07/29 5:0 p.m.186 views

CVE-2009-2495

CVE-2009-2495 is part of the ATL mathing family addressed by Microsoft in MS09-035/MS09-060. The vulnerability is the ATL Null String Vulnerability, where an attacker could read memory beyond the end of a string due to improper termination in ATL-based components/controls built with Visual Studio...

7.8CVSS5.9AI score0.41869EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.178 views

CVE-2011-1280

CVE-2011-1280 is the XML External Entities Resolution vulnerability affecting Microsoft XML Editor components used with InfoPath 2007 SP2/2010, SQL Server 2005 SP3/4, 2008 SP1/2/R2, SSMSE 2005, and Visual Studio 2005 SP1/2008 SP1/2010. Technical detail from connected documents shows that the issu...

4.3CVSS7AI score0.15254EPSS
CVE
CVE
added 2012/03/13 9:0 p.m.173 views

CVE-2012-0008

CVE-2012-0008 affects Microsoft Visual Studio 2008 SP1, 2010, and 2010 SP1 via an untrusted search path vulnerability that allows local privilege escalation when a Trojan horse add-in is loaded from an arbitrary directory. The underlying issue is improper validation/loading of add-ins in the Visu...

6.9CVSS6.4AI score0.01686EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.160 views

CVE-2009-2500

This CVE corresponds to MS09-062: GDI+ WMF Integer Overflow Vulnerability. Affected are Microsoft GDI+ image-processing paths used by WMF, PNG, TIFF, BMP handling across Windows components and Office/Viewer products (e.g., IE6, Office suites, Visio, Project, SQL/Report Viewer, Forefront Client Se...

9.3CVSS7.9AI score0.23647EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.156 views

CVE-2009-2528

CVE-2009-2528 is a memory corruption vulnerability in GDI+ used by Microsoft Office XP/2000 when parsing Office Art Property Tables. A crafted Office document can trigger remote code execution. Microsoft Security Bulletin MS09-062 (KB957488) provides patches; apply the MS09-062 updates to remedia...

9.3CVSS7.2AI score0.20452EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.145 views

CVE-2009-3126

CVE-2009-3126 corresponds to the GDI+ PNG Integer Overflow vulnerability described in MS09-062. The issue arises from an integer overflow in GDI+ when processing PNG images, which could allow remote code execution if a user opens a specially crafted image. The vulnerability affects a wide range o...

9.3CVSS9.7AI score0.23461EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.127 views

CVE-2009-2501

CVE-2009-2501 describes a heap-based buffer overflow in Microsoft GDI+ when processing PNG images, enabling remote code execution via crafted PNGs. Affected software/contexts include Internet Explorer 6 SP1 on Windows XP (SP2/SP3) and various Microsoft Office components and viewers that rely on G...

9.3CVSS9.7AI score0.26824EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.117 views

CVE-2009-2502

CVE-2009-2502 is a GDI+ TIFF buffer overflow vulnerability that could allow remote code execution when processing a specially crafted TIFF image. The vulnerability affects multiple Microsoft products enabled via Internet Explorer 6 SP1, various Windows and Office suites, Viewer components, and re...

9.3CVSS9.7AI score0.22025EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.104 views

CVE-2009-2504

CVE-2009-2504 corresponds to MS09-062: multiple remote code execution vulnerabilities in Windows GDI+ exposed via GDI+ APIs used by .NET Framework and Office components. The issue stems from integer overflows/buffer handling in GDI+, enabling remote code execution when rendering crafted images in...

9.3CVSS9.7AI score0.20982EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.102 views

CVE-2009-2503

CVE-2009-2503 is a GDI+ memory corruption vulnerability in Microsoft components that can be triggered by a crafted TIFF image file, enabling remote code execution. The weakness resides in how GDI+ allocates memory when processing TIFFs, affecting a wide range of Windows and Office products listed...

9.3CVSS9.6AI score0.22205EPSS