CVE-2006-4494

CVE Database · CVE-2006-4494

CVE-2006-4494

· N/AModified

CVSS v3.1

N/A

EPSS

21.58%

Published

Aug 31, 2006

Modified

Apr 15, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft Internet Explorer 6 - Visual Studio COM Object Instantiation Denial of Service TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.

Affected Products (2)

microsoft · visual_studiovulnerable

References (8)

http://securityreason.com/securityalert/1473

http://www.securityfocus.com/archive/1/443499/100/100/threaded

http://www.securityfocus.com/bid/19572

http://www.xsec.org/index.php?module=releases&act=view&type=1&id=15

ExploitVendor Advisory

http://securityreason.com/securityalert/1473

http://www.securityfocus.com/archive/1/443499/100/100/threaded

http://www.securityfocus.com/bid/19572

http://www.xsec.org/index.php?module=releases&act=view&type=1&id=15

ExploitVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs