CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
EPSS
Percentile
99.6%
Added: 03/07/2006
CVE: CVE-2006-1043
BID: 16953
OSVDB: 23711
Microsoft Visual Studio is a product for facilitating software development on Windows operating systems.
A buffer overflow vulnerability leads to command execution when a specially crafted Database Project (**.dbp**
) or Solution (**.sln**
) file is opened in Visual Studio.
Upgrade to Visual Studio 2005.
<http://www.securityfocus.com/archive/1/426767>
Exploit requires a user to download a file and open it in Visual Studio. Exploit works on Visual Studio 6.0 SP6.
Windows 2000
Windows 2000 SP4
Windows XP