Описание
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter.
Ссылки
- US Government Resource
- ExploitPatchVendor Advisory
- US Government Resource
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:office:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2000:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:project:2002:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visio:2002:*:professional:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic:5.0:*:sdk:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic:6.2:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic:6.2:*:sdk:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic:6.3:*:sdk:*:*:*:*:*
EPSS
Процентиль: 99%
0.70456
Высокий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter.
EPSS
Процентиль: 99%
0.70456
Высокий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other