Unrated severityNVD Advisory· Published May 20, 2014· Updated Jun 17, 2026
CVE-2014-3802
CVE-2014-3802
Description
msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDB file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- cpe:2.3:a:microsoft:debug_interface_access_software_development_kit:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*range: <=2012
- cpe:2.3:a:microsoft:visual_studio:2002:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:visual_studio:2003:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:visual_studio:2005:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:visual_studio:2010:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:visual_studio:2010:sp1:*:*:*:*:*:*
- (no CPE)range: <2013
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/67398nvdThird Party AdvisoryVDB Entry
- zerodayinitiative.com/advisories/ZDI-14-129/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.