Microsoft Visual Studio 2010 – Vsabv10dt.dll Malformed HTML Null Pointer Dereference Vulnerability

Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us:
Versions: Microsoft Visual Studio 2010 / Vsabv10dt.dll
Date: 13/10/2011
Product: Microsoft Microsoft Visual Studio 2010/ VVsabv10dt.dll
Vendor: Notified
Internal Id: MSRC 11644

We have discovered that the product “Microsoft Visual Studio 2010 – Vsabv10dt.dll” presents a big hole regarding a Remote NULL Pointer Dereference , crashing the application when you run special  code .

Vendor Statement:

Microsoft Security Response Center has investigated this issue and it results being a NULL pointer dereference. Based on this, this issue can’t be exploited to execute arbitrary code and it results in a stability bug. This issue will be considered to be resolved in a future release of Microsoft.


Microsoft is working to solve this error  for next version of Internet Explorer to address this stability issue.

Leave a Reply