Oval Definition:oval:org.mitre.oval:def:5994
Revision Date:2012-11-12Version:45
Title:FlexGrid Control Memory Corruption Vulnerability
Description:The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-4253
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Project 2003
Microsoft Visual Basic 6.0
Definition Synopsis
  • Vulnerable Project 2003
  • Microsoft Project 2003 SP3 is installed
  • AND Mscomct2.ocx version is less than 6.1.98.11
  • OR Vulnerable Office XP
  • Microsoft Office XP is installed
  • AND Check if version of Msflxgrd.ocx is less than 6.1.98.6
  • OR Vulnerable Visual Basic 6.0 or VisualFoxPro
  • Visual Basic 6.0 or VisualFoxPro
  • Microsoft Visual FoxPro is installed
  • OR Microsoft Visual Basic 6.0 is installed
  • AND Mscomct2.ocx version is less than 6.1.98.12
    • BACK