- Description
- Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:visual_studio:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5CDA0E2-DFBD-4EE0-80DC-76AA55ADFEFC"
},
{
"criteria": "cpe:2.3:a:microsoft:visual_studio:6.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00ACB96E-1B59-46F5-855F-2091DDB26BA9"
}
],
"operator": "OR"
}
]
}
]