Vulnerability Name:

CVE-2008-3704 (CCN-44444)

Assigned:2008-08-13
Published:2008-08-13
Updated:2018-10-12
Summary:Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers to execute arbitrary code via a long Mask parameter, related to not "validating property values with boundary checks," as exploited in the wild in August 2008, aka "Masked Edit Control Memory Corruption Vulnerability."
Additional advisory information from Secunia: http://secunia.com/advisories/31498/
"Visual Studio 6 was last updated June 2000, a Microsoft spokeswoman told SCMagazineUS.com. The version is no longer supported. Visual Studio 2008 is the latest release and microsoft encourages users to update to the newest version."

Source: http://www.scmagazineus.com/Microsoft-looks-into-Visual-Studio-bug/article/115459/
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.7 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.7 High (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2008-3704

Source: CCN
Type: HP Security Bulletin HPSBST02394 SSRT080183 rev.1
Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-070 to MS08-077

Source: CCN
Type: Microsoft Visual Studio 6.0 Web site
Visual Studio 6.0

Source: CCN
Type: SA31498
Microsoft Visual Studio Masked Edit Control "Mask" Buffer Overflow

Source: SECUNIA
Type: Vendor Advisory
31498

Source: CCN
Type: SECTRACK ID: 1020710
Visual Studio Buffer Overflow in 'Msmask32.ocx' ActiveX Control Lets Remote Users Execute Arbitrary Code

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2008-473.htm

Source: CCN
Type: ASA-2008-473
MS08-070 Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)

Source: CCN
Type: Microsoft Security Bulletin MS08-070
Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)

Source: BID
Type: Exploit, Patch
30674

Source: CCN
Type: BID-30674
Microsoft Visual Studio 'Msmask32.ocx' ActiveX Control Remote Buffer Overflow Vulnerability

Source: SECTRACK
Type: UNKNOWN
1020710

Source: CERT
Type: US Government Resource
TA08-344A

Source: VUPEN
Type: Vendor Advisory
ADV-2008-2380

Source: VUPEN
Type: Vendor Advisory
ADV-2008-3382

Source: MS
Type: UNKNOWN
MS08-070

Source: XF
Type: UNKNOWN
visualstudio-maskededit-bo(44444)

Source: XF
Type: UNKNOWN
visualstudio-maskededit-bo(44444)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5794

Source: EXPLOIT-DB
Type: UNKNOWN
6244

Source: EXPLOIT-DB
Type: UNKNOWN
6317

Source: CCN
Type: Rapid7 Vulnerability and Exploit Database [05-30-2018]
Microsoft Visual Studio Mdmask32.ocx ActiveX Buffer Overflow

Vulnerable Configuration:Configuration 1:
  • cpe:/a:microsoft:visual_basic:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_foxpro:9.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_studio:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_studio_.net:2002:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:microsoft:visual_studio_.net:2002:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_foxpro:9.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visual_basic:6.0:*:runtime_extended_files:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:5794
    V
    		Masked Edit Control Memory Corruption Vulnerability
    2012-11-12
    BACK
    microsoft visual basic 6.0
    microsoft visual foxpro 8.0 sp1
    microsoft visual foxpro 9.0 sp1
    microsoft visual foxpro 9.0 sp2
    microsoft visual studio 6.0
    microsoft visual studio .net 2002 sp1
    microsoft visual studio .net 2003 sp1
    microsoft visual studio .net 2002 sp1
    microsoft visual studio .net 2003 sp1
    microsoft visual foxpro 8.0 sp1
    microsoft visual foxpro 9.0 sp1
    microsoft visual foxpro 9.0 sp2
    microsoft visual basic 6.0