Spyware, Viruses, & Security forum

General discussion

Microsoft Visual C++ Constructed ISAPI Extensions Denial of Service

by Marianna Schmudlach / March 24, 2004 12:32 AM PST

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

SOFTWARE:
Microsoft Visual Studio 6 Professional
Microsoft Visual C++ 6.x
Microsoft Visual Studio 6 Enterprise

DESCRIPTION:
A vulnerability has been reported in Microsoft Visual C++, which
potentially can be exploited by malicious people to cause a DoS
(Denial-of-Service) on certain applications.

ISAPI (Internet Server Application Programming Interface) extensions
built with the MFC (Microsoft Foundation Classes) static library may
be vulnerable to DoS attacks.

The problem is that the MFC ISAPI code may produce invalid arguments
under heavy load when processing data from POST requests. This may
cause access violations.

The following products are affected:
* Microsoft Visual Studio 6.0
* Microsoft Visual C++ 6.0

SOLUTION:
The vulnerability has been fixed in Visual Studio 6.0 Service Pack 6,
which will be available at:
http://msdn.microsoft.com/vstudio/sp/default.asp

http://secunia.com/advisories/11199/

Discussion is locked
You are posting a reply to: Microsoft Visual C++ Constructed ISAPI Extensions Denial of Service
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Microsoft Visual C++ Constructed ISAPI Extensions Denial of Service
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GIVEAWAY

Turn up the volume with our Apple Byte sweeps!

Two lucky winners will take home the coveted smart speaker that lets Siri help you around your connected house. This sweepstake ends Feb. 25, 2018.