CVE-2006-4494

Name of the Vulnerable Software and Affected Versions Microsoft Visual Studio version 6.0

Description The issue allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.

Recommendations For Microsoft Visual Studio version 6.0, consider disabling the instantiation of the specified ActiveX COM Objects in Internet Explorer as a temporary workaround until a patch is available. Restrict access to these objects to minimize the risk of exploitation. Avoid using these objects in Internet Explorer until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.