msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecif

MICROSOFT

12-04-2025 14:27

CVE-2014-3802 Vulnerabilidad documentada

6.8 MEDIUM

Tags

#db

#add

#microsoft

#sdk

#attackers

#arbitrary

#remote

#execute

#denial

#bug

#allow

#attack

#access

Descripción

msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed Visual Studio before 2013, does not properly validate an unspecified variable use calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause denial of service (memory corruption) via crafted PDB file.

http://www.securityfocus.com/bid/67398

http://zerodayinitiative.com/advisories/ZDI-14-129/

http://www.securityfocus.com/bid/67398

http://zerodayinitiative.com/advisories/ZDI-14-129/

Referencia

Link externo

Ver detalles

Fuente

https://nvd.nist.gov/vuln/detail/CVE-2014-3802

Resultados similares

Coincidentes en almenos en 50% de los tags

15-04-2025 CVE-2022-34478
ms-msdt<-code>-

search<-code>-and-search-ms<-code>-protocols-deliver-content-'>The ms-msdt, search, and search-ms protocols deliver con...

 Ver información


12-04-2025 CVE-2014-1260

QuickLook in Apple OS X through 10.8.5 allows remote attackers to execute arbitrary code or cau...

 Ver información