Vulnerabilities > CVE-2006-0187 - Remote Code Execution vulnerability in Microsoft Visual Studio .Net 2005

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

microsoft

exploit available

NVD

Published: 2006-01-12

Updated: 2018-10-19

Summary

By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control (UserControl1_Load function), which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Visual Studio .Net 2005	1

Exploit-Db

description	Microsoft Visual Studio UserControl Remote Code Execution Vulnerability (2). CVE-2006-0187. Remote exploit for windows platform
id	EDB-ID:27073
last seen	2016-02-03
modified	2006-01-12
published	2006-01-12
reporter	priestmaster
source	https://www.exploit-db.com/download/27073/
title	Microsoft Visual Studio UserControl Remote Code Execution Vulnerability 2

description	Microsoft Visual Studio UserControl Remote Code Execution Vulnerability (1). CVE-2006-0187. Remote exploit for windows platform
id	EDB-ID:27072
last seen	2016-02-03
modified	2006-01-12
published	2006-01-12
reporter	anonymous
source	https://www.exploit-db.com/download/27072/
title	Microsoft Visual Studio UserControl Remote Code Execution Vulnerability 1

Summary

Vulnerable Configurations

Exploit-Db

References