CVE-2006-0187
published 2006-01-12CVE-2006-0187: By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control (UserControl1_Load function), which allows…
PriorityP429medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
18.91%
96.9th percentile
By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control (UserControl1_Load function), which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | visual_studio_net | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Visual Studio - UserControl Remote Code Execution (2)
exploitdb·2006-01-12
CVE-2006-0187 Microsoft Visual Studio - UserControl Remote Code Execution (2)
Microsoft Visual Studio - UserControl Remote Code Execution (2)
---
source: https://www.securityfocus.com/bid/16225/info
Microsoft Visual Studio is prone to a vulnerability that could allow remote attackers to execute arbitrary code. This issue stems from a design flaw that executes code contained in a project file without first notifying users.
Exploiting this issue allows attackers to execute arbitrary code in the context of the user viewing a malicious project file. Since viewing a project file is usually considered a safe operation, users may have a false sense of security by attempting to inspect unknown code before compiling or executing it.
This vulnerability may be remotely exploited due to project files originating from untrusted sources.
Visual Studio 2005 is reportedly vul
Exploit-DB
Microsoft Visual Studio - UserControl Remote Code Execution (1)
exploitdb·2006-01-12
CVE-2006-0187 Microsoft Visual Studio - UserControl Remote Code Execution (1)
Microsoft Visual Studio - UserControl Remote Code Execution (1)
---
source: https://www.securityfocus.com/bid/16225/info
Microsoft Visual Studio is prone to a vulnerability that could allow remote attackers to execute arbitrary code. This issue stems from a design flaw that executes code contained in a project file without first notifying users.
Exploiting this issue allows attackers to execute arbitrary code in the context of the user viewing a malicious project file. Since viewing a project file is usually considered a safe operation, users may have a false sense of security by attempting to inspect unknown code before compiling or executing it.
This vulnerability may be remotely exploited due to project files originating from untrusted sources.
Visual Studio 2005 is reportedly vul
No writeups or analysis indexed.
http://secunia.com/advisories/18409http://www.securityfocus.com/archive/1/421943/100/0/threadedhttp://www.securityfocus.com/bid/16225http://www.vupen.com/english/advisories/2006/0151https://exchange.xforce.ibmcloud.com/vulnerabilities/24116http://secunia.com/advisories/18409http://www.securityfocus.com/archive/1/421943/100/0/threadedhttp://www.securityfocus.com/bid/16225http://www.vupen.com/english/advisories/2006/0151https://exchange.xforce.ibmcloud.com/vulnerabilities/24116
2006-01-12
Published