-----------------------------------------------------------------
Microsoft Visual Studio vulnerability
Overview:
In Microsoft Visual Studio 2010 the DLL CPFE.DLL is vulnerable. A badly
written source file makes the application crash at loading. That makes it
really easy to mount a simple denial of service against the application by
using CVS or SVN repositories. Exploitation of this bug is not yet known or
confirmed.
Description:
To trigger the condition, just 2 lines of code are needed in any source file:
extern class D
extern unsigned int    exemple;
The application crashes at the exact time it detects that error pattern.
 (Access violation at 0x3f898354: read of address 0xfffffffc)
You need to edit the source file outside of the application to remove
those lines.
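Added example, not part of the original advisory: a scan that flags the two-line shape from the Description in a CVS/SVN working copy before any file is opened in the IDE. The regular expressions, the file-suffix list and the function names are assumptions; the advisory gives only the one sample and does not say which variants also crash.

```python
import re
from pathlib import Path

# Assumption: the advisory gives only one sample; this heuristic matches its
# shape (an unterminated `extern class NAME` followed by another `extern`).
EXTERN_CLASS = re.compile(r"^\s*extern\s+class\s+[A-Za-z_]\w*\s*$")
NEXT_EXTERN = re.compile(r"^\s*extern\b")
# Assumption: limit the scan to common C/C++ suffixes.
SOURCE_SUFFIXES = {".c", ".cc", ".cpp", ".cxx", ".h", ".hpp", ".hxx"}


def find_suspect_lines(text):
    """Return 1-based line numbers of matching `extern class NAME` lines."""
    lines = text.splitlines()
    hits = []
    for i, line in enumerate(lines):
        if not EXTERN_CLASS.match(line):
            continue
        # Only the next non-blank line decides whether this is a hit.
        for follower in lines[i + 1:]:
            if follower.strip():
                if NEXT_EXTERN.match(follower):
                    hits.append(i + 1)
                break
    return hits


def scan_tree(root):
    """Map file path -> suspect line numbers for source files under root."""
    findings = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in SOURCE_SUFFIXES:
            text = path.read_text(encoding="utf-8", errors="replace")
            hits = find_suspect_lines(text)
            if hits:
                findings[str(path)] = hits
    return findings


# Constructed samples: the advisory's two lines, and a well-formed variant.
SAMPLE_BAD = "int a;\nextern class D\nextern unsigned int    exemple;\n"
SAMPLE_OK = "extern class D;\nextern unsigned int exemple;\n"

if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for name, hits in scan_tree(root).items():
        print(f"{name}: suspect lines {hits}")
```

Run it against a fresh checkout; any file it reports can be fixed in a plain text editor, as the Description advises.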
Impact:
A denial of service against the application. If an exploit were written for
that, like a forged source file that could inject shell code, then it would
be easy to infect remote computers using CVS/SVN because source files are
usually trusted to be virus-safe because they are in plain text. (Not
counting that real-time antivirus products that are configured to scan by file
type don't usually scan source files.)
(Tested against Visual Studio Express 2010)
Solution:
Use another IDE, or switch back to Visual Studio 2008
Misc:
The vendor was informed of this bug by me at this time: 6/17/2010 8:23:04 PM
- On Microsoft Connect at first:
http://connect.microsoft.com/VisualStudio/feedback/details/568619. (Bug
confirmed by Microsoft)
- On secure (at) microsoft (dot) com after.
CERT/US-CERT was informed: 11/15/2010 9:51 PM
- I got a reply from CERT: 11/19/2010 9:12 AM
-- CERT directed me to the vendor as they cannot work on the case (too much
load on their side). (VU#776108)
I emailed Microsoft one last time: 11/19/2010 9:15 AM.
Without an answer, I am now exhausted from trying to report this bug correctly. So
that is the reason for this disclosure.
Credit:
This vulnerability was discovered by Philippe Levesque