CVE-2007-4890 – Microsoft Visual Studio 6.0 - 'VBTOVSI.dll 1.0.0.0' File Overwrite
https://notcve.org/view.php?id=CVE-2007-4890
Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method. Vulnerabilidad de salto de directorio absoluto en un determinado control ActiveX en la biblioteca de Soporte VB a VSI (VBTOVSI.DLL) 1.0.0.0 de Microsoft Visual Studio 6.0 permite a atacantes remotos crear o sobre-escribir ficheros de su elección mediante un nombre de ruta completo en el argumento del método SaveAs. NOTA: Los contenidos pueden ser copiados de ficheros locales mediante el método Load. • https://www.exploit-db.com/exploits/4394 http://secunia.com/advisories/26779 http://shinnai.altervista.org/exploits/txt/TXT_qwFZc3a35RLy5AGxVBjJ.html http://www.securityfocus.com/bid/25635 https://exchange.xforce.ibmcloud.com/vulnerabilities/36571 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2007-4891 – Microsoft Visual Studio 6.0 - 'PDWizard.ocx' Remote Command Execution
https://notcve.org/view.php?id=CVE-2007-4891
A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell. Un determinado control ActiveX de PDWizard.ocx 6.0.0.9782 y versiones anteriores de Microsoft Visual Studio 6.0 expone métodos peligrosos (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, y (6) CABRunFile, lo cual permite a atacantes remotos ejecutar programas de su elección y tener otros impactos, como se demuestra utilizando nombre de ruta absoluta en argumentos a StartProcess y SyncShell. • https://www.exploit-db.com/exploits/4393 http://osvdb.org/37106 http://secunia.com/advisories/26779 http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html http://www.securityfocus.com/bid/25638 https://exchange.xforce.ibmcloud.com/vulnerabilities/36572 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2007-4254 – Microsoft Visual 6 - 'VDT70.dll NotSafe' Remote Stack Overflow
https://notcve.org/view.php?id=CVE-2007-4254
Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap CVE-2007-2885 or CVE-2005-2127. Desbordamiento de búfer basado en pila en un determinado control ActiveX de VDT70.DLL en Microsoft Visual Database Tools Database Designer 7.0 para Microsoft Visual Studio 6 permite a atacantes remotos ejecutar código de su elección mediante un argumento largo para el método NotSafe. NOTA: esto podría solaparse con CVE-2007-2885 o CVE-2005-2127. • https://www.exploit-db.com/exploits/4259 http://osvdb.org/41080 •
CVE-2007-0468
https://notcve.org/view.php?id=CVE-2007-0468
Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file. Desbordamiento de búfer basado en pila en rcdll.dll en msdev.exe de Visual C++ (MSVC) en Microsoft Visual Studio 6.0 SP6 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una ruta de fichero larga en la opción "1 TYPELIB MOVEABLE PURE" de un fichero RC. • http://osvdb.org/31607 http://secunia.com/advisories/23856 http://securityreason.com/securityalert/2172 http://www.anspi.pl/~porkythepig/visualization/rc-kupiekrowe.cpp http://www.securityfocus.com/archive/1/457646/100/0/threaded http://www.vupen.com/english/advisories/2007/0296 https://exchange.xforce.ibmcloud.com/vulnerabilities/31665 •
CVE-2006-4494 – Microsoft Internet Explorer 6 - Visual Studio COM Object Instantiation Denial of Service
https://notcve.org/view.php?id=CVE-2006-4494
Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll. Microsoft Visual Studio 6.0 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) y posiblemente ejecutar código arbitrario instanciando objetos Visual Studio 6.0 ActiveX COM en Internet Explorer, incluyendo (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, y (5) vi30aut.dll. • https://www.exploit-db.com/exploits/28401 http://securityreason.com/securityalert/1473 http://www.securityfocus.com/archive/1/443499/100/100/threaded http://www.securityfocus.com/bid/19572 http://www.xsec.org/index.php?module=releases&act=view&type=1&id=15 •