Infesting you with Virus News
 

Vulnerabilities

The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0... (PC1-2008-0994)

Overview

Vulnerability chart

Risk level
  • Low
  • Medium
  • High
  • Extreme
  • Severe
Warning: security vulnerability level = severe
14 vulnerabilities(-y) found between 15 September, 2004 and 10 December, 2008.
Microsoft Project (known as MSP) refers to a project management software... more
See also: Office Project
271 files found: VSWITCH.EXE, openmail.exe, SCM.EXE, DISTRIB.EXE, BCP.EXE, MSPJCBM.EXE, LOGREAD.EXE, SETUPSVR.EXE, GIMEFIX.EXE, W2K_ARA.EXE, OA4514.EXE, W2K_JPN.EXE, OSQL.EXE, W2K_KOR.EXE, Q248120.EXE... more
Risk level
  • Low
  • Medium
  • High
  • Extreme
  • Severe
Warning: security vulnerability level = severe
6 vulnerabilities(-y) found between 12 September, 2002 and 10 December, 2008.
Visual FoxPro 9.0 points to a data-centric object-oriented and procedural... more
Risk level
  • Low
  • Medium
  • High
  • Extreme
  • Severe
Warning: security vulnerability level = severe
19 vulnerabilities(-y) found between 14 September, 2003 and 10 December, 2008.
Visual Basic (VB) refers to the third-generation event-driven programming... more
See also: Visual Basic
1386 files found: MQAPITST.EXE, dac.exe, pws.exe, mdac_typ.exe, mtxtstop.exe, cabarc.exe, vbbank.exe, odbcsp32.exe, MSJavx86.exe, inetmgr.exe, OUTEMERG.EXE, MigRepV2.exe, oleview.exe, DUMPIS.EXE, mtxstop.exe... more
The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not correctly use errors throughout access to wrongly initialized objects.
Remote Access
Unknown patch
availability
Patch implementation
unknown

References to Advisories, Solutions, and Tools

Description:

By using this type of vulnerability, remote attackers are enabled to execute arbitrary code. This may be done through a crafted HTML document, associated with corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability."

Impact:

With the help of this vulnerability, remote attackers obtain administrator access. Also, this vulnerability enables full confidentiality, integrity, and availability violation. Moreover, it enables to reveal information without any authorization. Finally, it lets to break up a service.

References:http://www.microsoft.com/technet/security/Bulletin/MS08-070.mspx

Impact

CVSS Severity

CVSS Version 2 Metrics:

CVSS v2 Base Score:8.5 (HIGH)Access Vector:N/A
Impact Subscore: 10.0Access Complexity: Medium
Exploitability Subscore: 6.8Authentication: Required to exploit
Impact Type:Provides administrator access, Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

Say something interesting!

Name:
Email:
Website:
Comment:
Please type 5-digit security code below:
Captcha image for spam protection

Featured Videos

Registry Tutorials
From: PC1News Videos
Added: November 11, 2008
more videos

Latest Comments

billy.exe
September 9, 2010
My Billy.exes a part of AutoRun Eater (by Old McDonalds Farm Freeware)... more..
Generic Dropper.p
September 9, 2010
more..
Generic Dropper.p
September 9, 2010
Very interesting tale more..
more comments..
rss
Home | Files | Programs | Latest Comments | About us | Privacy Policy | Contributors | Write For Us | Contact Us
© 2008 - 2010 pc1news.com - All rights reserved.
Home  Tips  Downloads Videos Virus List Vulnerabilities
Home > Vulnerabilities > PC1-2008-0994