CVE-2006-1043

Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).

Published: Mar 7, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-1043
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
microsoft / visual_studio	6.0-sp5	6.0-sp5.x
microsoft / visual_studio	6.0	6.0.x
microsoft / visual_studio	6.0-sp3	6.0-sp3.x
microsoft / visual_studio	6.0-sp2	6.0-sp2.x
microsoft / visual_interdev	6.0	6.0.x
microsoft / visual_studio	6.0-sp1	6.0-sp1.x
microsoft / visual_studio	6.0-sp4	6.0-sp4.x

http://secunia.com/advisories/19081
http://securitytracker.com/id?1015721
http://www.frsirt.com/exploits/20060305.ms-visual-dbp.c.php
http://www.osvdb.org/23711
http://www.securityfocus.com/archive/1/426767/100/0/threaded
http://www.securityfocus.com/archive/1/426830/100/0/threaded
http://www.securityfocus.com/bid/16953
http://www.vupen.com/english/advisories/2006/0825
https://exchange.xforce.ibmcloud.com/vulnerabilities/25148

Vulnerability Database

289,599

CVE-2006-1043