Visual Basic - Local hacker automatic control
Version: | 6.0 |
Technical Details: | A stack overflow condition exists in the Visual Basic 6.0 IDE, which can allow an attacker to take complete control over a vulnerable system if they can convince a victim to open a malicious project file in the IDE. Exploit code is readily available for this issue. The issue is a stack overflow in the Project Description. Another similar vulnerability exists, affecting the 'Company Name' setting. |
Description: |
The Visual Basic 6.0 IDE is vulnerable to an issue which can allow a remote attacker to take control of a vulnerable system, if they can convince their victim to open a malicious project file. Another related vulnerability can allow a local user to increase their privilege setting, if they can be convinced to open a malicious project file. |
Mitigation: |
Avoid project files from untrusted sources. |
Updates: |
Not Yet Identified |
Source: |
http://milw0rm.com/exploits/3977 |
Exploits: |
http://milw0rm.com/exploits/3977 |
External Tracking Data: | Not Yet Identified |
Social bookmark this page