T-SQL Debugger Buffer Overrun Fix

T-SQL Debugger Buffer Overrun Fix

Download Now

The following update is designed for machines with Microsoft Visual Studio 6.0, Enterprise Edition.

Issue Description

Visual Studio 6.0, Enterprise Edition includes a Microsoft Visual Basic® feature for debugging T-SQL. This feature contains a problem that could cause a buffer overrun. Because the default installation of the Debugger object allows anyone to start the debugger and run as the logged-on interactive user, this bug potentially could be exploited with malicious intentions.

Symptoms

A Visual Basic T-SQL Debugger object can have a stack corruption which may occur due to a buffer overflow inside the method. If the string is sufficiently large, the stack frame maybe overwritten, resulting in the following error:

Run-time error '-2147023170 (800706be)': Automation error. The remote procedure call failed.

or sometimes resulting in an Access Violation in the Visual Basic 6.0 integrated development environment (VB6.EXE process).

More information

For additional information, please see the following Microsoft Security Bulletin.

Solution

Click the link to download this update file. It will update the T-SQL Debugger and eliminate this security problem.

Please Note: This patch is not localized and can be used without issue with localized versions of VS6.

Page view tracker