Microsoft Visual Studio 6 dbp File DataProject memory corruption
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.6 | $0-$5k | 0.00 |
Summary
A vulnerability has been found in Microsoft Visual Studio 6 and classified as problematic. The impacted element is an unknown function of the component dbp File Handler. The manipulation of the argument DataProject leads to memory corruption. This vulnerability is referenced as CVE-2006-1043. Furthermore, an exploit is available. The affected component should be upgraded.
Details
A vulnerability was found in Microsoft Visual Studio 6 (Programming Tool Software) and classified as problematic. This issue affects an unknown part of the component dbp File Handler. The manipulation of the argument DataProject with an unknown input leads to a memory corruption vulnerability. Using CWE to declare the problem leads to CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Impacted is confidentiality, integrity, and availability. The summary by CVE is:
Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).
The bug was discovered 03/03/2006. The weakness was published 03/07/2006 by kozan and ATmaCA (Website). It is possible to read the advisory at spyinstructors.com. The identification of this vulnerability is CVE-2006-1043 since 03/07/2006. The attack needs to be done within the local network. No form of authentication is needed for a successful exploitation. Technical details as well as a public exploit are known.
After before and not just, there has been an exploit disclosed. The exploit is available at spyinstructors.com. It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 4 days. During that time the estimated underground price was around $25k-$100k.
Upgrading eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at microsoft.com. The best possible mitigation is suggested to be upgrading to the latest version. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 4247.
The vulnerability is also documented in the databases at X-Force (25148), Exploit-DB (1555), SecurityFocus (BID 16953†), OSVDB (23711†) and Secunia (SA19081†). Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.microsoft.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.3VulDB Meta Temp Score: 5.6
VulDB Base Score: 6.3
VulDB Temp Score: 5.6
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Memory corruptionCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Saint ID: exploit_info/visual_studio_dbp_sln
Saint Name: Microsoft Visual Studio .dbp and .sln buffer overflow
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Patch: microsoft.com
TippingPoint: 🔍
McAfee IPS: 🔍
McAfee IPS Version: 🔍
PaloAlto IPS: 🔍
Fortigate IPS: 🔍
Timeline
03/03/2006 🔍03/03/2006 🔍
03/04/2006 🔍
03/04/2006 🔍
03/05/2006 🔍
03/07/2006 🔍
03/07/2006 🔍
03/07/2006 🔍
03/07/2006 🔍
03/07/2006 🔍
03/09/2006 🔍
03/19/2006 🔍
06/15/2019 🔍
Sources
Vendor: microsoft.comAdvisory: spyinstructors.com
Researcher: kozan, ATmaCA
Status: Not defined
CVE: CVE-2006-1043 (🔍)
GCVE (CVE): GCVE-0-2006-1043
GCVE (VulDB): GCVE-100-2075
X-Force: 25148 - Microsoft Visual Studio and Visual InterDev .dbp and .sln DataProject buffer overflow, High Risk
SecurityFocus: 16953 - Microsoft Visual Studio DBP and SLN Files DataProject Buffer Overflow Vulnerability
Secunia: 19081 - Microsoft Visual Studio ".dbp" File Handling Buffer Overflow, Moderately Critical
OSVDB: 23711 - Microsoft Visual Studio .dbp File DataProject Field Buffer Overflow
SecurityTracker: 1015721
Vulnerability Center: 10663 - Microsoft Visual Studio 6.0 Buffer Overflow via .dbp and .sln Files, Medium
Vupen: ADV-2006-0825
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 03/09/2006 10:42Updated: 06/15/2019 16:14
Changes: 03/09/2006 10:42 (98), 06/15/2019 16:14 (1)
Complete: 🔍
Cache ID: 216:BD3:103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.