CVE-2009-2495
https://notcve.org/view.php?id=CVE-2009-2495
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability." La Active Template Library (ATL) en Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 y 2008 Gold y SP1, y Visual C++ 2005 SP1 y 2008 Gold y SP1 no cumple adecuadamente con la terminación de cadena, lo que permite a atacantes remotos obtener información sensible a través de un documentos HTML manipulado con un (1) control o (2) componente ATL que provoca un desbordamiento de lectura de búfer. Relacionado con la reserva de cabeceras y búfers ATL. También conocida como "Vulnerabilidad de cadena nula ATL". • http://marc.info/?l=bugtraq&m=126592505426855&w=2 http://secunia.com/advisories/35967 http://secunia.com/advisories/36374 http://secunia.com/advisories/36746 http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1 http://www.adobe.com/support/security/bulletins/apsb09-10.html http://www.adobe.com/support/security/bulletins/apsb09-13.html http://www.novell.com/support/viewContent.do?externalId=7004997&sliceId=1 http://www.us-cert.gov/cas/techalerts/TA09-195A.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2006-6133 – Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-6133
Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote attackers to execute arbitrary code via a crafted RPT file. Desbordamiento de búfer basado en pila en Visual Studio Crystal Reports para Microsoft Visual Studio .NET 2002 y 2002 SP1; .NET 2003 y 2003 SP1; y 2005 y 2005 SP1 (anteriormente Business Objects Crystal Reports XI Professional) permite a atacantes remotos con la ayuda del usuario, ejecutar código de su elección mediante un fichero RPT manipulado. • https://www.exploit-db.com/exploits/29171 http://secunia.com/advisories/23091 http://secunia.com/advisories/26754 http://securitytracker.com/id?1017279 http://www.lssec.com/advisories/LS-20061102.pdf http://www.securityfocus.com/archive/1/452464/100/0/threaded http://www.securityfocus.com/bid/21261 http://www.us-cert.gov/cas/techalerts/TA07-254A.html http://www.vupen.com/english/advisories/2006/4691 http://www.vupen.com/english/advisories/2007/3114 https://docs. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-4704 – Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability
https://notcve.org/view.php?id=CVE-2006-4704
Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability." Vulnerabilidad de secuencias de comandos en zonas cruzadas en el Control ActiveX (WmiScriptUtils.dll) del WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) en el Microsoft Visual Studio 2005 permite atacantes remotos evitar las restricciones de la zona de Internet y ejecutar código de su elección instanciando objetos peligrosos, también conocido como "Vulnerabilidad WMI Object Broker". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. Successful exploitation requires that the target user browse to a malicious web page. The specific flaw exists in the Microsoft WMIScriptUtils.WMIObjectBroker2 ActiveX control which is bundled with Visual Studio 2005. An attacker can utilize this control to bypass Internet zone security restrictions and instantiate other dangerous objects that can be leveraged to result in arbitrary code execution. • https://www.exploit-db.com/exploits/16561 http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx http://research.eeye.com/html/alerts/zeroday/20061031.html http://secunia.com/advisories/22603 http://securitytracker.com/id?1017142 http://www.kb.cert.org/vuls/id/854856 http://www.microsoft.com/technet/security/advisory/927709.mspx http://www.securityfocus.com/archive/1/454201/100/0/threaded http://www.securityfocus.com/archive/1/454969/ •
CVE-2006-0187 – Microsoft Visual Studio - UserControl Remote Code Execution
https://notcve.org/view.php?id=CVE-2006-0187
By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control (UserControl1_Load function), which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file. • https://www.exploit-db.com/exploits/27073 https://www.exploit-db.com/exploits/27072 http://secunia.com/advisories/18409 http://www.securityfocus.com/archive/1/421943/100/0/threaded http://www.securityfocus.com/bid/16225 http://www.vupen.com/english/advisories/2006/0151 https://exchange.xforce.ibmcloud.com/vulnerabilities/24116 •
CVE-2005-2127 – Microsoft Visual Studio .NET - 'msdds.dll' Remote Code Execution
https://notcve.org/view.php?id=CVE-2005-2127
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability." • https://www.exploit-db.com/exploits/26167 http://isc.sans.org/diary.php?date=2005-08-18 http://secunia.com/advisories/16480 http://secunia.com/advisories/17172 http://secunia.com/advisories/17223 http://secunia.com/advisories/17509 http://securityreason.com/securityalert/72 http://securitytracker.com/id?1014727 http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf http://www.kb.cert.org/vuls/id/740372 http://www.kb.cert.org/vuls/id/898241 http://www& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •