Vulnerabilities > CVE-2006-4494 - Denial of Service vulnerability in Microsoft Visual Studio 6.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
microsoft
exploit available
NVD
Published: 2006-08-31
Updated: 2018-10-17

Summary

Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.

Vulnerable Configurations

Part Description Count
Application
Microsoft
2

Exploit-Db

descriptionMicrosoft Internet Explorer 6.0 Visual Studio COM Object Instantiation Denial of Service Vulnerability. CVE-2006-4494. Dos exploit for windows platform
idEDB-ID:28401
last seen2016-02-03
modified2006-08-08
published2006-08-08
reporterXSec
sourcehttps://www.exploit-db.com/download/28401/
titleMicrosoft Internet Explorer 6.0 Visual Studio COM Object Instantiation Denial of Service Vulnerability

References