393 matches found
MS06-047: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)
The remote host is running a version of Microsoft Visual Basic for Applications that is vulnerable to a buffer overflow when handling malformed documents. An attacker may exploit this flaw to execute arbitrary code on this host by sending a malformed file to a user of the remote host. C Tenable...
Microsoft Visual Basic for Applications buffer overflow
Overview Microsoft Visual Basic for Applications fails to properly validate document properties. This vulnerability could allow a remote attacker to execute arbitrary code. Description Visual Basic For Applications VBA According to Microsoft Security Bulletin MS06-047: Microsoft VBA is a...
Microsoft Visual Basic for Applications Document Check Buffer Overflow Vulnerability
Description A vulnerability has been discovered in Microsoft Visual Basic for Applications. The vulnerability occurs due to insufficient bounds checking when checking the properties of malicious documents. As a result, a malformed document may be able to trigger a buffer-overflow within the...
Microsoft Security Bulletin MS06-047 Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)
Microsoft Security Bulletin MS06-047 Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution 921645 Published: August 8, 2006 Version: 1.0 Summary Who Should Read this Document: Customers using Microsoft Office applications or applications that use Microsoft...
serversAlive.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory information: Title: Servers Alive - Privilege Escalation CVE Candidate Number: CAN-2005-0352 Application: Servers Alive Versions known affected: 4.1, 5.0; other versions not tested. Classification: Privilege Escalation Author: Michael Starks...
Servers Alive: Local Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory information: Title: Servers Alive - Privilege Escalation CVE Candidate Number: CAN-2005-0352 Application: Servers Alive Versions known affected: 4.1, 5.0; other versions not tested. Classification: Privilege Escalation Author: Michael Starks...
CVE-2003-0347
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications VBA SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter...
CVE-2003-0347
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications VBA SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter...
CVE-2003-0347
Vulnerability CVE-2003-0347 affects Microsoft Visual Basic for Applications (VBA) 5.0–6.3 via heap-based overflow in VBE.DLL and VBE6.DLL. An attacker could supply a document with a long ID parameter to cause remote code execution. Impact is remote compromise with user privileges; affected compon...
MS03-037: Visual Basic for Application Overflow (822715)
The remote host is running a version of Microsoft Visual Basic for Applications that is vulnerable to a buffer overflow when handling malformed documents. An attacker may exploit this flaw to execute arbitrary code on this host by sending a malformed file to a user of the remote host. C Tenable...
Microsoft Visual Basic for Applications buffer overflow
Buffer overflow on opening macro document...
Microsoft Security Bulletin MS03-037: Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution(822715)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution 822715 Date: 03 September 2003 Affected Software: Microsoft Visual Basic for Applications SDK 5.0 Microsoft...
Microsoft Visual Basic For Applications SDK 5.06.06.26.3 - Document Handling Buffer Overrun
Microsoft Visual Basic For Applications SDK 5.06.06.26.3 - Document Handling Buffer Overrun source: https://www.securityfocus.com/bid/8534/info A vulnerability has been discovered in Microsoft Visual Basic for Applications. The vulnerability occurs because the software fails to perform sufficient...
Microsoft Visual Basic For Applications SDK 5.0/6.0/6.2/6.3 - Document Handling Buffer Overrun
source: https://www.securityfocus.com/bid/8534/info A vulnerability has been discovered in Microsoft Visual Basic for Applications. The vulnerability occurs because the software fails to perform sufficient boundary checks when parsing specific properties of malformed documents. As a result, a...
CVE-2002-0619
The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic VBA scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" CVE-2000-0788...
CVE-2000-0788
The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic VBA scripts in an Access database, which could allow an attacker to execute arbitrary commands...
McKesson Pathways Homecare 6.5 - Weak Username and Password Encryption
McKesson Pathways Homecare 6.5 - Weak Username and Password Encryption source: https://www.securityfocus.com/bid/3653/info McKesson Pathways Homecare is a client/server application which is used to track patient information, billing information and medical records for home care patients. The...
CVE-2000-0788
The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic VBA scripts in an Access database, which could allow an attacker to execute arbitrary commands...
CVE-2000-0597
Microsoft Office 2000 Excel and PowerPoint and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications VBA SaveAs function, aka the "Office HTML Script...
Advisory CA-2000-16
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CERT Advisory CA-2000-16 Microsoft 'IE Script'/Access/OBJECT Tag Vulnerability Original release date: August 11, 2000 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Internet Explorer 4.x, 5.x...