Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-1043Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Visual Interdev

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
5.1MEDIUMNVD
EPSS
65.6%
top 1.50%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft Visual InterdevMicrosoft Visual Studio
Timeline
PublishedMar 7
Latest updateMay 1

Description

Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-pw7h-26mj-qxwm: Stack-based buffer overflow in Microsoft Visual Studio 62022-05-01
CVEList
CVE-2006-1043: Stack-based buffer overflow in Microsoft Visual Studio 62006-03-07

💥Exploits & PoCs

1
Exploit-DB
Microsoft Visual Studio 6.0 sp6 - '.dbp' Local Buffer Overflow2006-03-05
CVE-2006-1043 — Microsoft Visual Interdev vulnerability | cvebase