-----------------------------------------------------------------
Microsoft Visual Studio vulnerability

Overview:

In Microsoft Visual Studio 2010, the DLL CPFE.DLL is vulnerable. A badly written source file makes the application crash at loading. That makes it really easy to mount a simple denial of service against the application by using CVS or SVN repositories. Exploitation of this bug is not yet known or confirmed.

Description:

To trigger the condition, it just needs 2 lines of code in any source file:

    extern class D
    extern unsigned int     exemple;

The application crashes at the exact time it detects that error pattern (Access violation at 0x3f898354: read of address 0xfffffffc). You need to edit the source file outside of the application to remove those lines.

Impact:

A denial of service against the application. If an exploit were written for this, like a forged source file that could inject shellcode, then it would be easy to infect remote computers using CVS/SVN, because source files are usually trusted to be virus-safe since they are in plain text. (Not counting that real-time antivirus products configured to scan by file type don't usually scan source files.)

(Tested against Visual Studio Express 2010)

Solution:

Use another IDE, or switch back to Visual Studio 2008.

Misc:

The vendor was informed of this bug by me at this time: 6/17/2010 8:23:04 PM
- On Microsoft Connect at first: http://connect.microsoft.com/VisualStudio/feedback/details/568619 (bug confirmed by Microsoft)
- On secure@xxxxxxxxxxxxx after.

CERT/US-CERT was informed: 11/15/2010 9:51 PM
- I got a reply from CERT: 11/19/2010 9:12 AM
-- CERT directed me to the vendor, as they cannot work on the case (too much load on their side). (VU#776108)

I emailed Microsoft one last time: 11/19/2010 9:15 AM.

Without an answer, I am now exhausted from trying to report this bug correctly. So that is the reason for this disclosure.

Credit:

This vulnerability was discovered by Philippe Levesque
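
Added example (not part of the original advisory): a scan of a CVS/SVN working copy for the two-line shape shown under Description, so the affected file can be found and edited outside the IDE before the project is opened. The suffix list and the function names are assumptions, and the regular expression matches only `extern class <name>` with no terminator directly followed by another `extern`; the advisory does not say whether other variants also crash.

```python
import re
import sys
from pathlib import Path

# Assumption: file suffixes worth checking; adjust for the project.
SOURCE_SUFFIXES = {".c", ".cc", ".cpp", ".cxx", ".h", ".hpp", ".hxx"}

# Shape of the advisory's two lines: "extern class <name>" with no ';' or '{'
# after the name, directly followed by another "extern" declaration.
PATTERN = re.compile(r"\bextern\s+class\s+[A-Za-z_]\w*\s+extern\b")


def _blank_comments(text):
    """Replace comments with spaces, keeping newlines so line numbers hold.

    String literals are not parsed; a '//' inside a string is blanked too,
    which can only hide text that sits inside that string.
    """
    def blank(match):
        return re.sub(r"[^\n]", " ", match.group(0))
    return re.sub(r"/\*.*?\*/|//[^\n]*", blank, text, flags=re.S)


def find_trigger_lines(text):
    """Return the 1-based line numbers where the pattern starts."""
    cleaned = _blank_comments(text)
    return [cleaned.count("\n", 0, m.start()) + 1
            for m in PATTERN.finditer(cleaned)]


def scan_tree(root):
    """Yield (path, line) for every match in source files under root."""
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in SOURCE_SUFFIXES:
            text = path.read_text(encoding="utf-8", errors="replace")
            for line in find_trigger_lines(text):
                yield path, line


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    hits = list(scan_tree(root))
    for path, line in hits:
        print(f"{path}:{line}: 'extern class <name>' followed by 'extern'")
    sys.exit(1 if hits else 0)  # non-zero exit lets a checkout hook stop
```

Run it with the working-copy path as its only argument; a non-zero exit status means at least one file matched.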