Lucene search
Wenguang JiaoZDI-21-1076HistorySep 16, 2021 - 12:00 a.m.
Microsoft Visual Studio DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
2021-09-1600:00:00
Wenguang Jiao
www.zerodayinitiative.com
32
0.041 Low
EPSS
Percentile
92.2%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DDS files. Crafted data in a DDS file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
cvelist
cvelist
CVE-2021-36952 Visual Studio Remote Code Execution Vulnerability
2021-09-15 11:23:30
cve
cve
CVE-2021-36952
2021-09-15 12:15:13
prion
prion
Remote code execution
2021-09-15 12:15:00
nvd
nvd
CVE-2021-36952
2021-09-15 12:15:13
mscve
mscve
Visual Studio Remote Code Execution Vulnerability
2021-09-14 07:00:00
nessus
nessus
Security Updates for Microsoft Visual Studio Products (September 2021)
2021-09-16 00:00:00
kaspersky
kaspersky
KLA12285 Multiple vulnerabilities in Microsoft Developer Tools
2021-09-14 00:00:00
thn
thn
qualysblog
qualysblog
rapid7blog
rapid7blog
Patch Tuesday - September 2021
2021-09-15 03:44:31