CVE-2014-3802
msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDB file.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0959 (9.6%)
Percentil: 92.9%
EPSS: 2026-05-06
Afecta
microsoft:debug_interface_access_software_development_kitmicrosoft:visual_studioDescripción técnica
msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDB file.
Publicada: 20/5/2014, 23:55:05
Última modificación: 6/5/2026, 22:30:45