A vulnerability in an object included with Visual Studio 6.0 Enterprise Edition may allow an attacker to execute code with the privileges of an interactively logged in user.
The VB-TSQL debugger object included in Visual Studio 6.0 Enterprise Edition contains a buffer overflow that could allow an intruder to execute code with the privileges of an interactively logged in user. More information on this problem is available from Microsoft at
An attacker can execute code with the privileges of an interactively logged-in victim.
Apply the patch described in http://msdn.microsoft.com/vstudio/downloads/debugging/default.asp.
Our thanks to Microsoft for the information contained in their bulletin.
This document was written by Shawn V. Hernan
|Date First Published:||2001-05-03|
|Date Last Updated:||2001-08-10 17:34 UTC|