Product:

Visual_studio_\.net

(Microsoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 28
Date Id Summary Products Score Patch Annotated
2008-03-11 CVE-2007-1201 Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability." Biztalk_server, Commerce_server, Internet_security_and_acceleration_server, Office, Visual_studio_\.net N/A
2007-02-13 CVE-2007-0025 The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. NOTE: this might be due to a stack-based buffer overflow in the AfxOleSetEditMenu function in MFC42u.dll. Visual_studio_\.net, Windows_2003_server N/A
2006-11-28 CVE-2006-6133 Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote attackers to execute arbitrary code via a crafted RPT file. Crystal_reports_xi, Visual_studio_\.net N/A
2006-11-01 CVE-2006-4704 Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability." Visual_studio_\.net N/A
2006-01-12 CVE-2006-0187 By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control (UserControl1_Load function), which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file. Visual_studio_\.net N/A
2005-08-19 CVE-2005-2127 Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7)... Catalyst_driver, \.net_framework, Office, Project, Visio, Visual_studio_\.net N/A
2004-08-06 CVE-2004-0204 Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx. Weblogic_server, J_builder, Crystal_enterprise, Crystal_enterprise_java_sdk, Crystal_enterprise_ras, Crystal_reports, Business_solutions_crm, Outlook, Visual_studio_\.net N/A
2004-09-28 CVE-2004-0200 Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. \.net_framework, Digital_image_pro, Digital_image_suite, Excel, Frontpage, Greetings, Infopath, Office, Onenote, Outlook, Picture_it, Powerpoint, Producer, Project, Publisher, Visio, Visual_basic, Visual_c\#, Visual_c\+\+, Visual_j\#_\.net, Visual_studio_\.net, Windows_2003_server, Windows_xp, Word N/A