CVE-2006-4494

Sažetak

Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.

Reference

http://securityreason.com/securityalert/1473
http://www.securityfocus.com/archive/1/443499/100/100/threaded
http://www.securityfocus.com/bid/19572
http://www.xsec.org/index.php?module=releases&act=view&type=1&id=15

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

17-10-2018 - 21:37

Objavljeno

31-08-2006 - 22:04