The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Visual Studio

computer vulnerability bulletin 23108

Microsoft: executing DLL code

Synthesis of the vulnerability

An attacker can create a malicious DLL, and then put it in the current directory of a Microsoft application, in order to execute code.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word, SQL Server, Visual Studio.
Severity: 2/4.
Consequences: user access/rights.
Provenance: intranet server.
Creation date: 30/06/2017.
Identifiers: VIGILANCE-VUL-23108.

Description of the vulnerability

The Microsoft product uses external shared libraries (DLL).

However, if the working directory contains a malicious DLL, it is automatically loaded.

An attacker can therefore create a malicious DLL, and then put it in the current directory of a Microsoft application, in order to execute code.

vulnerability bulletin 18913

Visual Studio: Cross Site Request Forgery via ASP.NET MVC5/6

Synthesis of the vulnerability

An attacker can trigger a Cross Site Request Forgery in ASP.NET MVC5/6 of Visual Studio, in order to force the victim to perform operations.
Impacted products: Visual Studio.
Severity: 2/4.
Consequences: user access/rights.
Provenance: internet client.
Creation date: 10/02/2016.
Identifiers: 3137909, VIGILANCE-VUL-18913.

Description of the vulnerability

The Visual Studio product offers ASP.NET MVC5 and MVC6, used to create web services.

However, the origin of requests is not checked. A request can, for example, originate from an image included in an HTML document.

An attacker can therefore trigger a Cross Site Request Forgery in ASP.NET MVC5/6 of Visual Studio, in order to force the victim to perform operations.

computer vulnerability bulletin CVE-2014-3802

Microsoft DIA SDK: memory corruption via msdia.dll

Synthesis of the vulnerability

An attacker can invite the victim to open a malicious PDB file, to generate a memory corruption in msdia.dll of Microsoft DIA SDK, in order to trigger a denial of service, and possibly to execute code.
Impacted products: Visual Studio.
Severity: 2/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 21/05/2014.
Identifiers: CVE-2014-3802, VIGILANCE-VUL-14778, ZDI-14-129.

Description of the vulnerability

The Microsoft DIA SDK product can be installed with Visual Studio.

The debugger uses a file in PDB format. However, a malformed PDB file corrupts the msdia.dll memory.

An attacker can therefore invite the victim to open a malicious PDB file, to generate a memory corruption in msdia.dll of Microsoft DIA SDK, in order to trigger a denial of service, and possibly to execute code.

vulnerability bulletin CVE-2013-5042

ASP.NET SignalR: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in ASP.NET SignalR, in order to execute JavaScript code in the context of the web site.
Impacted products: IIS, .NET Framework, Visual Studio.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 11/12/2013.
Identifiers: 2905244, BID-64093, CERTA-2013-AVI-669, CVE-2013-5042, MS13-103, VIGILANCE-VUL-13933.

Description of the vulnerability

The ASP.NET SignalR library is used to establish a communication between a web browser and a web server, using JavaScript.

However, it does not filter received data before inserting it into generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in ASP.NET SignalR, in order to execute JavaScript code in the context of the web site.

vulnerability announce CVE-2013-3129

Windows, Office, .NET, Lync: code execution via TrueType

Synthesis of the vulnerability

An attacker can invite the victim to open a document containing a malicious font, generating an error in the Windows kernel, in order to execute code.
Impacted products: Lync, Office, Access, Excel, InfoPath, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word, Visual Studio, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows RT, Windows Vista, Windows XP.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: document.
Creation date: 09/07/2013.
Identifiers: 2848295, CERTA-2013-AVI-400, CVE-2013-3129, MS13-054, VIGILANCE-VUL-13082.

Description of the vulnerability

A document (Word or HTML for example) can be written with a TrueType font.

However, if the font is malformed, an error occurs in GDI+.

An attacker can therefore invite the victim to open a document containing a malicious font, generating an error in the Windows kernel, in order to execute privileged code. A malicious web page can also be used as an attack vector.

vulnerability alert CVE-2012-1892

Visual Studio Team Foundation Server: Cross Site Scripting

Synthesis of the vulnerability

An attacker can generate a Cross Site Scripting in Visual Studio Team Foundation Server, in order to execute JavaScript code in the context of the web site.
Impacted products: Visual Studio.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 11/09/2012.
Identifiers: 2719584, BID-55409, CERTA-2012-AVI-494, CVE-2012-1892, MS12-061, VIGILANCE-VUL-11931.

Description of the vulnerability

The Visual Studio Team Foundation Server product offers tools to a developer community.

However, the web site of Team Foundation Server does not filter its parameters, before displaying them in generated HTML pages.

An attacker can therefore generate a Cross Site Scripting in Visual Studio Team Foundation Server, in order to execute JavaScript code in the context of the web site.

vulnerability alert CVE-2012-1856

Office, SQL Server, HIS, Visual Basic: code execution via MSCOMCTL.OCX

Synthesis of the vulnerability

An attacker can invite the victim to browse a web page loading the MSCOMCTL.OCX ActiveX control, in order to execute code on the victim's computer.
Impacted products: Microsoft HIS, Office, Access, Office Communicator, Excel, Microsoft FrontPage, InfoPath, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word, SQL Server, Visual Studio.
Severity: 4/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 14/08/2012.
Identifiers: 2720573, BID-54948, CERTA-2012-AVI-443, CVE-2012-1856, MS12-060, VIGILANCE-VUL-11851.

Description of the vulnerability

The MSCOMCTL.OCX file is installed by several Microsoft products:
 - Microsoft Office
 - Microsoft SQL Server
 - Microsoft Commerce Server
 - Microsoft Host Integration Server
 - Microsoft Visual FoxPro
 - Visual Basic 6.0 Runtime

This file contains the Windows Common Controls ActiveX controls (MSCOMCTL.TreeView, MSCOMCTL.ListView2, MSCOMCTL.TreeView2, MSCOMCTL.ListView, and MSCOMCTL.TabStrip).

The TabStrip control can use a freed memory area.

An attacker can therefore invite the victim to browse a web page loading the MSCOMCTL.OCX ActiveX control, in order to execute code on the victim's computer.

computer vulnerability alert CVE-2012-1854

Microsoft Office: code execution via DLL Preload

Synthesis of the vulnerability

An attacker can create a malicious DLL and invite the victim to open an Office document in the same directory, in order to execute code.
Impacted products: Office, Access, Excel, Microsoft FrontPage, InfoPath, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word, Visual Studio.
Severity: 3/4.
Consequences: user access/rights.
Provenance: intranet server.
Creation date: 10/07/2012.
Identifiers: 2707960, BID-54303, CERTA-2012-AVI-376, CVE-2012-1854, MS12-046, VIGILANCE-VUL-11756.

Description of the vulnerability

The Microsoft Office product loads the VBE6.DLL (Microsoft Visual Basic for Applications) library to open ".docx" files for example.

However, the library is loaded insecurely. An attacker can thus use the VIGILANCE-VUL-9879 vulnerability to execute code.

An attacker can therefore create a malicious DLL and invite the victim to open an Office document in the same directory, in order to execute code.

computer vulnerability note CVE-2012-0158

Windows: code execution via MSCOMCTL.OCX

Synthesis of the vulnerability

An attacker can invite the victim to browse a web page loading the MSCOMCTL.OCX ActiveX control, in order to execute code on the victim's computer.
Impacted products: BizTalk Server, Office, Access, Office Communicator, Excel, InfoPath, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word, SQL Server, Visual Studio, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 7, Windows Vista, Windows XP.
Severity: 4/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 11/04/2012.
Identifiers: 2664258, BID-52911, CERTA-2012-AVI-206, CVE-2012-0158, MS12-027, VIGILANCE-VUL-11529.

Description of the vulnerability

The MSCOMCTL.OCX file is installed by several Microsoft products:
 - Microsoft Office
 - Microsoft SQL Server
 - Microsoft BizTalk Server
 - Microsoft Commerce Server
 - Microsoft Visual FoxPro
 - Visual Basic

This file contains the Windows Common Controls ActiveX controls (MSCOMCTL.TreeView, MSCOMCTL.ListView2, MSCOMCTL.TreeView2, and MSCOMCTL.ListView).

A buffer overflow in these ActiveX controls leads to code execution.

An attacker can therefore invite the victim to browse a web page loading the MSCOMCTL.OCX ActiveX control, in order to execute code on the victim's computer.

computer vulnerability announce CVE-2012-0008

Microsoft Visual Studio: code execution via add-ins

Synthesis of the vulnerability

A local attacker can add an add-in to Microsoft Visual Studio, and then invite another user to start the application, so that the code located in the add-in runs with that user's privileges.
Impacted products: Visual Studio.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: user shell.
Creation date: 13/03/2012.
Identifiers: 2651019, BID-52329, CERTA-2012-AVI-139, CVE-2012-0008, MS12-021, VIGILANCE-VUL-11437.

Description of the vulnerability

The Microsoft Visual Studio product uses add-ins, which extend features offered on the interface.

A local user can add an add-in. However, this add-in is also loaded by all other local users, when they start Microsoft Visual Studio.

A local attacker can therefore add an add-in to Microsoft Visual Studio, and then invite another user to start the application, so that the code located in the add-in runs with that user's privileges.