Memory corruption

VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications VBA, and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via ...

Microsoft Visual Basic for Applications文档检查溢出漏洞（MS06-047）

Microsoft Visual Basic for Applications（VBA）是用于开发客户端桌面所包装的应用程序并集成到现有数据和系统的开发技术。 VBA在处理包含畸形属性字段的文档时存在漏洞，攻击者可能利用此漏洞在用户机器上执行任意指令。 VBA在打开文档时会检查主机应用程序对其传送的某些文档属性，因此主机应用程序就可能向VBA传送未检查的参数。如果攻击者能够诱骗用户打开设置了特殊属性的文档的话，就可能触发缓冲区溢出，导致执行任意代码。 Microsoft Office XP Microsoft Office 2000 Microsoft Visual Basic for...

CVE-2003-0347

Vulnerability CVE-2003-0347 affects Microsoft Visual Basic for Applications (VBA) 5.0–6.3 via heap-based overflow in VBE.DLL and VBE6.DLL. An attacker could supply a document with a long ID parameter to cause remote code execution. Impact is remote compromise with user privileges; affected compon...