CVE-2008-3704

Public exploit
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers to execute arbitrary code via a long Mask parameter, related to not "validating property values with boundary checks," as exploited in the wild in August 2008, aka "Masked Edit Control Memory Corruption Vulnerability."
Max CVSS
9.3
EPSS Score
96.37%
Published
2008-08-18
Updated
2018-10-12
Microsoft QUIC Denial of Service Vulnerability
Max CVSS
7.5
EPSS Score
0.05%
Published
2024-03-12
Updated
2024-03-12
.NET and Visual Studio Denial of Service Vulnerability
Max CVSS
7.5
EPSS Score
0.05%
Published
2024-03-12
Updated
2024-03-12
Visual Studio Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.20%
Published
2024-01-09
Updated
2024-01-17
Visual Studio Information Disclosure Vulnerability
Max CVSS
5.5
EPSS Score
0.05%
Published
2023-06-14
Updated
2023-06-21
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
Max CVSS
7.8
EPSS Score
0.21%
Published
2023-06-14
Updated
2023-06-22
Visual Studio Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
1.56%
Published
2022-08-09
Updated
2023-05-31
Visual Studio Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
1.56%
Published
2022-08-09
Updated
2023-05-31
Visual Studio Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
2.21%
Published
2022-08-09
Updated
2023-05-31
Visual Studio Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
1.21%
Published
2022-08-09
Updated
2023-05-31
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-11-10
Updated
2023-12-28
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.05%
Published
2021-04-13
Updated
2023-12-29
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.06%
Published
2021-04-13
Updated
2023-12-29
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.05%
Published
2021-04-13
Updated
2023-12-29
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-01-12
Updated
2023-12-29
Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-01-12
Updated
2023-12-29
<p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.</p> <p>The update addresses the vulnerability by correcting how Visual Studio handles objects in memory.</p>
Max CVSS
9.3
EPSS Score
1.28%
Published
2020-09-11
Updated
2023-12-31
<p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.</p> <p>The update addresses the vulnerability by correcting how Visual Studio handles objects in memory.</p>
Max CVSS
9.3
EPSS Score
1.28%
Published
2020-09-11
Updated
2023-12-31
An elevation of privilege vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1418.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-07-14
Updated
2021-07-21
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1278.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-06-09
Updated
2021-07-21
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1257, CVE-2020-1293.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-06-09
Updated
2021-07-21
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1278, CVE-2020-1293.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-06-09
Updated
2021-07-21
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1202.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-06-09
Updated
2021-07-21
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1203.
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-06-09
Updated
2021-07-21
<p>An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p> <p>The update addresses the vulnerability by correcting the way the Diagnostics Hub Standard Collector handles file operations.</p>
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-09-11
Updated
2023-12-31
56 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!