// For flags

CVE-2007-0468

 

Severity Score

6.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file.

Desbordamiento de búfer basado en pila en rcdll.dll en msdev.exe de Visual C++ (MSVC) en Microsoft Visual Studio 6.0 SP6 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una ruta de fichero larga en la opción "1 TYPELIB MOVEABLE PURE" de un fichero RC.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-01-23 CVE Reserved
  • 2007-01-24 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • 2024-09-29 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Microsoft
Search vendor "Microsoft"
Visual Studio
Search vendor "Microsoft" for product "Visual Studio"
6.0
Search vendor "Microsoft" for product "Visual Studio" and version "6.0"
sp6
Affected