Unrated severityNVD Advisory· Published Aug 31, 2006· Updated Apr 16, 2026

CVE-2006-4494

Description

Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.

Affected products

Microsoft/Visual Studio2 versions
cpe:2.3:a:microsoft:visual_studio:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:visual_studio:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:visual_studio:6.0:sp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.xsec.org/index.phpnvdExploitVendor Advisory
securityreason.com/securityalert/1473nvd
www.securityfocus.com/archive/1/443499/100/100/threadednvd
www.securityfocus.com/bid/19572nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.041
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000