The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote malicious users to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. NOTE: this might be due to a stack-based buffer overflow in the AfxOleSetEditMenu function in MFC42u.dll.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft visual studio .net 2000 |
||
microsoft visual studio .net 2003 |
||
microsoft windows 2003 server 2000 |
||
microsoft windows 2003 server 2003 |
||
microsoft windows 2003 server xp_sp2 |