MFC Memory Corruption VulnerabilityID: oval:org.mitre.oval:def:157 | Date: (C)2007-02-14 (M)2023-11-23 |
Class: VULNERABILITY | Family: windows |
The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. NOTE: this might be due to a stack-based buffer overflow in the AfxOleSetEditMenu function in MFC42u.dll.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Product: |
Microsoft Visual Studio .NET 2002 |
Microsoft Visual Studio .NET 2003 |