CVSS: 6.2EPSS: 4%CPEs: 1EXPL: 1CVE-2007-4890 – Microsoft Visual Studio 6.0 - 'VBTOVSI.dll 1.0.0.0' File Overwrite
https://notcve.org/view.php?id=CVE-2007-4890
14 Sep 2007 — Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method. Vulnerabilidad de salto de directorio absoluto en un determinado control ActiveX en la biblioteca de Soporte VB a VSI (VBTOVSI.DLL) 1.0.0.0 de Microsoft Visual Studio... • https://www.exploit-db.com/exploits/4394 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 86%CPEs: 2EXPL: 2CVE-2007-4891 – Microsoft Visual Studio 6.0 - 'PDWizard.ocx' Remote Command Execution
https://notcve.org/view.php?id=CVE-2007-4891
14 Sep 2007 — A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell. Un determinado control ActiveX de PDWizard.ocx 6.0.0.9782 y versiones anteriores de Microsoft Visual Studio 6.0 expone m... • https://www.exploit-db.com/exploits/4393 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 6%CPEs: 2EXPL: 1CVE-2007-4254 – Microsoft Visual 6 - 'VDT70.dll NotSafe' Remote Stack Overflow
https://notcve.org/view.php?id=CVE-2007-4254
08 Aug 2007 — Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap CVE-2007-2885 or CVE-2005-2127. Desbordamiento de búfer basado en pila en un determinado control ActiveX de VDT70.DLL en Microsoft Visual Database Tools Database Designer 7.0 para Microsoft Visual Studio 6 permite a atacantes remotos ejecu... • https://www.exploit-db.com/exploits/4259 •
CVSS: 7.8EPSS: 36%CPEs: 1EXPL: 2CVE-2007-0468
https://notcve.org/view.php?id=CVE-2007-0468
24 Jan 2007 — Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file. Desbordamiento de búfer basado en pila en rcdll.dll en msdev.exe de Visual C++ (MSVC) en Microsoft Visual Studio 6.0 SP6 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una ruta de fichero larga en la opción "1 ... • http://osvdb.org/31607 •
CVSS: 7.8EPSS: 7%CPEs: 2EXPL: 2CVE-2006-4494 – Microsoft Internet Explorer 6 - Visual Studio COM Object Instantiation Denial of Service
https://notcve.org/view.php?id=CVE-2006-4494
31 Aug 2006 — Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll. Microsoft Visual Studio 6.0 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) y posiblemente ejecutar código arbitrario instanciando objetos Visual Studio ... • https://www.exploit-db.com/exploits/28401 •
CVSS: 7.8EPSS: 96%CPEs: 7EXPL: 3CVE-2006-1043 – Microsoft Visual Studio 6.0 sp6 - '.dbp' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-1043
07 Mar 2006 — Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln). • https://www.exploit-db.com/exploits/1555 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 6%CPEs: 2EXPL: 0CVE-2001-0153
https://notcve.org/view.php?id=CVE-2001-0153
03 May 2001 — Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands. • http://razor.bindview.com/publish/advisories/adv_vbtsql.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2000-0162
https://notcve.org/view.php?id=CVE-2000-0162
18 Feb 2000 — The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-011 •