Product:

Visual_c\+\+

(Microsoft)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 6
Date Id Summary Products Score Patch Annotated
2007-02-13 CVE-2007-0842 The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVCR80.DLL) time functions, including (1) localtime, (2) localtime_s, (3) gmtime, (4) gmtime_s, (5) ctime, (6) ctime_s, (7) wctime, (8) wctime_s, and (9) fstat, trigger an assertion error instead of a NULL pointer or EINVAL when processing a time argument later than Jan 1, 3000, which might allow context-dependent attackers to cause a denial of service (application exit) via large time values. NOTE: it could be argued that... Visual_c\+\+ N/A
2010-08-31 CVE-2010-3190 Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory during execution of an MFC application such as AtlTraceTool8.exe (aka ATL MFC Trace Tool), as demonstrated by a directory... Itunes, Visual_c\+\+, Visual_studio, Visual_studio_\.net N/A
2009-07-29 CVE-2009-2495 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability." Visual_c\+\+, Visual_studio, Visual_studio_\.net N/A
2009-07-29 CVE-2009-2493 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2)... Visual_c\+\+, Visual_studio, Windows_2000, Windows_2003_server, Windows_server_2008, Windows_vista, Windows_xp N/A
2009-07-29 CVE-2009-0901 The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error... Visual_c\+\+, Visual_studio, Visual_studio_\.net N/A
2004-09-28 CVE-2004-0200 Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. \.net_framework, Digital_image_pro, Digital_image_suite, Excel, Frontpage, Greetings, Infopath, Office, Onenote, Outlook, Picture_it, Powerpoint, Producer, Project, Publisher, Visio, Visual_basic, Visual_c\#, Visual_c\+\+, Visual_j\#_\.net, Visual_studio_\.net, Windows_2003_server, Windows_xp, Word N/A