Lucene search

[email protected]CVE-2007-2884

HistoryMay 30, 2007 - 1:30 a.m.

CVE-2007-2884

2007-05-3001:30:00

CWE-399

CWE-20

[email protected]

web.nvd.nist.gov

cve-2007-2884

microsoft visual basic 6

buffer overflow

denial of service

arbitrary code execution

nvd

8.6 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.158 Low

EPSS

Percentile

95.9%

JSON

Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) Company Name (VersionCompanyName) field.

CPENameOperatorVersion
microsoft:visual_basicmicrosoft visual basiceq6.0

CPE	Name	Operator	Version
microsoft:visual_basic	microsoft visual basic	eq	6.0

References

osvdb.org/41052

osvdb.org/41053

www.securityfocus.com/bid/24128

www.securityfocus.com/bid/24129

exchange.xforce.ibmcloud.com/vulnerabilities/34475

exchange.xforce.ibmcloud.com/vulnerabilities/34476

www.exploit-db.com/exploits/3976

www.exploit-db.com/exploits/3977

8.6 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.158 Low

EPSS

Percentile

95.9%

JSON

Related for CVE-2007-2884

prion1