CVE-2008-4256

Name of the Vulnerable Software and Affected Versions: Microsoft Visual Basic 6.0 Microsoft Visual Studio .NET 2002 SP1 Microsoft Visual Studio .NET 2003 SP1 Microsoft Visual FoxPro 8.0 SP1 Microsoft Visual FoxPro 9.0 SP1 Microsoft Visual FoxPro 9.0 SP2

Description: The issue is related to the Charts ActiveX control, which does not properly handle errors during access to incorrectly initialized objects. This allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the system state.

Recommendations: For Microsoft Visual Basic 6.0, update to a version that includes the fix for the Charts Control Memory Corruption issue. For Microsoft Visual Studio .NET 2002 SP1, update to a version that includes the fix for the Charts Control Memory Corruption issue. For Microsoft Visual Studio .NET 2003 SP1, update to a version that includes the fix for the Charts Control Memory Corruption issue. For Microsoft Visual FoxPro 8.0 SP1, update to a version that includes the fix for the Charts Control Memory Corruption issue. For Microsoft Visual FoxPro 9.0 SP1, update to a version that includes the fix for the Charts Control Memory Corruption issue. For Microsoft Visual FoxPro 9.0 SP2, update to a version that includes the fix for the Charts Control Memory Corruption issue.