- It's the applications, stupid
- Will a whitelist save personal computing?
- Thousands of Web sites under attack
- To solve the unsolvable problem
- Re-thinking the security of virtual machines
- Security Development Lifecycle trumps code complexity
- Is your Web site FIPS compliant?
- Computer security: Why have least privilege?
- Strategic security: Get a handle on authentication
- Control user installs of software
March 05, 2006 | Comments: (0)
Buffer Overflow in Visual Studio and InterDev
FRSIRT announces Buffer Overflow in Visual Studio and InterDev
http://www.frsirt.com/english/advisories/2006/0825
A vulnerability has been identified in Microsoft Visual Studio and Microsoft Visual InterDev, which could be exploited by attackers to execute arbitrary commands. This flaw is due to a buffer overflow error when processing specially crafted Database Project (.dbp) or Solution (.sln) files containing an overly long "DataProject" field, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a malicious ".dbp" or ".sln" file.
No patch available. No a critical buffer overflow, but interesting nonetheless.
Posted by Roger Grimes on March 5, 2006 12:45 PM
RATE THIS ARTICLE:
-
- COMMENTS
