CVE-2007-0025

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fix Visual Studio .NET versions prior to the fix

Description The issue allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. This might be due to a stack-based buffer overflow in the AfxOleSetEditMenu function in MFC42u.dll.

Recommendations For Microsoft Windows, apply the fix to resolve the issue. For Visual Studio .NET, apply the fix to resolve the issue. As a temporary workaround, consider avoiding the use of RTF files with malformed OLE objects until a patch is available.