Vulnerability Note VU#266032
Microsoft Visual Studio VB-TSQL debugger object vbsdicli.exe contains buffer overflow via NewSPID method
A vulnerability in an object included with Visual Studio 6.0 Enterprise Edition may allow an attacker to execute code with the privileges of an interactively logged in user.
The VB-TSQL debugger object included in Visual Studio 6.0 Enterprise Edition contains a buffer overflow that could allow an intruder to execute code with the privileges of an interactively logged in user. More information on this problem is available from Microsoft at
An attacker can execute code with the privileges of an interactively logged-in victim.
Apply the patch described in http://msdn.microsoft.com/vstudio/downloads/debugging/default.asp.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft||Affected||-||03 May 2001|
CVSS Metrics (Learn More)
Our thanks to Microsoft for the information contained in their bulletin.
This document was written by Shawn V. Hernan
- CVE IDs: CAN-2001-0153
- Date Public: 27 Mar 2001
- Date First Published: 03 May 2001
- Date Last Updated: 10 Aug 2001
- Severity Metric: 11.81
- Document Revision: 6
If you have feedback, comments, or additional information about this vulnerability, please send us email.