Microsoft VDT Database Designer VDT70.DLL ActiveX Control Buffer Overflow Vulnerability

Microsoft Visual Database Tools Database Designer ActiveX Control is prone to a buffer-overflow vulnerability because the application fails to handle overly long user-supplied strings.

Attackers can exploit this issue to crash Internet Explorer or other applications that use the vulnerable ActiveX control, resulting in denial-of-service conditions; arbitrary code execution is also possible.

NOTE: This issue was classified as a denial-of-service issue. Further information reveals that it is a stack-based buffer-overflow vulnerability and can be exploited to execute arbitrary code.


 

Privacy Statement
Copyright 2010, SecurityFocus