Site Network: Beskerming.com | Skiifwrald.com | Jongsma & Jongsma

Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.

Username: | Password: Contact us to request an account

Visual Basic - Local hacker automatic control

Version: 6.0
Technical Details:

A stack overflow condition exists in the Visual Basic 6.0 IDE, which can allow an attacker to take complete control over a vulnerable system if they can convince a victim to open a malicious project file in the IDE. Exploit code is readily available for this issue. The issue is a stack overflow in the Project Description. Another similar vulnerability exists, affecting the 'Company Name' setting.

Description:

The Visual Basic 6.0 IDE is vulnerable to an issue which can allow a remote attacker to take control of a vulnerable system, if they can convince their victim to open a malicious project file. Another related vulnerability can allow a local user to increase their privilege setting, if they can be convinced to open a malicious project file.

Mitigation:

Avoid project files from untrusted sources.

Updates:

Not Yet Identified

Source:

http://milw0rm.com/exploits/3977

Exploits:

http://milw0rm.com/exploits/3977

External Tracking Data:

Not Yet Identified


Social bookmark this page