Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-0815

Опубликовано: 12 мая 2010
Источник: nvd
CVSS2: 9.3
EPSS Средний

Описание

VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "VBE6.DLL Stack Memory Corruption Vulnerability."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:visual_basic_for_applications:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic_sdk:6.3:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic_sdk:6.4:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_basic_sdk:6.5:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*

EPSS

Процентиль: 98%
0.61415
Средний

9.3 Critical

CVSS2

Дефекты

CWE-94

Связанные уязвимости

github логотип

GHSA-cpqr-cpwc-vxwv

github
почти 4 года назад

VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "VBE6.DLL Stack Memory Corruption Vulnerability."

EPSS

Процентиль: 98%
0.61415
Средний

9.3 Critical

CVSS2

Дефекты

CWE-94