VYPR
Unrated severityNVD Advisory· Published May 20, 2014· Updated Jun 17, 2026

CVE-2014-3802

CVE-2014-3802

Description

msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDB file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:a:microsoft:debug_interface_access_software_development_kit:-:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:microsoft:visual_studio:*:*:*:*:*:*:*:*range: <=2012
    • cpe:2.3:a:microsoft:visual_studio:2002:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:visual_studio:2003:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:visual_studio:2005:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:visual_studio:2010:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:visual_studio:2010:sp1:*:*:*:*:*:*
    • (no CPE)range: <2013

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.