Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Visual Studio - New unpatched buffer overflow vulnerability

This issue is rated "low risk" because it requires user action, and it is probably unlikely to become a target for in-the-wild exploitation.

Microsoft Visual Studio ".rc" File Handling Buffer Overflow
http://www.frsirt.com/english/advisories/2007/0296
http://secunia.com/advisories/23856/

QUOTE: porkythepig has reported a vulnerability in Microsoft Visual Studio, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the handling of ".rc" files that contain an overly long string after the "1 TYPELIB MOVEABLE PURE " text. This can be exploited to cause a stack-based buffer overflow and allows arbitrary code execution when a malicious ".rc" file is opened.

Successful exploitation requires that a user clicks on the "Ok" button or closes the message box when the "file not found" message box appears.

Affected Products: Microsoft Visual Studio 6 SP6 and prior

Solution: FrSIRT is not aware of any official supplied patch for this issue.
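
With no patch available, untrusted ".rc" files can be checked before they are opened in Visual Studio. The following is an added example, not code from the advisory, FrSIRT, Secunia or Microsoft: it scans resource-script bytes for a "1 TYPELIB MOVEABLE PURE" statement followed by an unusually long string. The 260-character limit and the names scan_rc, decode_rc and MAX_OPERAND are assumptions; the advisory does not state the length that triggers the overflow.

```python
import re

# Assumption: the advisory gives no length for "overly long"; Windows MAX_PATH
# (260) is used as a conservative review threshold, not as the overflow size.
MAX_OPERAND = 260

# Resource statement named in the advisory: 1 TYPELIB MOVEABLE PURE <string>
TYPELIB_RE = re.compile(r'^\s*1\s+TYPELIB\s+MOVEABLE\s+PURE\s+(.*)$', re.IGNORECASE)


def decode_rc(data: bytes) -> str:
    """Resource scripts are ANSI or UTF-16; decode without raising on odd bytes."""
    if data.startswith((b"\xff\xfe", b"\xfe\xff")):
        return data.decode("utf-16", errors="replace")
    return data.decode("latin-1")


def scan_rc(data: bytes, limit: int = MAX_OPERAND):
    """Return (line_number, operand_length) for each TYPELIB line over the limit."""
    findings = []
    # Split on "\n" only: str.splitlines() also breaks on characters such as
    # U+0085, which would cut one long operand into short, unflagged pieces.
    for lineno, line in enumerate(decode_rc(data).split("\n"), start=1):
        match = TYPELIB_RE.match(line)
        if not match:
            continue
        operand = match.group(1).strip().strip('"')
        if len(operand) > limit:
            findings.append((lineno, len(operand)))
    return findings


# Constructed samples (not taken from the advisory or any real project).
BENIGN = b'#include "resource.h"\r\n1 TYPELIB MOVEABLE PURE "Debug\\\\sample.tlb"\r\n'
SUSPECT = b'// header\r\n1 TYPELIB MOVEABLE PURE "' + b"A" * 5000 + b'"\r\n'

if __name__ == "__main__":
    for name, blob in (("benign.rc", BENIGN), ("suspect.rc", SUSPECT)):
        for lineno, length in scan_rc(blob):
            print(f"{name}:{lineno}: TYPELIB operand is {length} chars, review before opening")
```

A flagged file should be inspected in a plain text editor rather than opened in the IDE.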