Welcome to the TechSpot OpenBoards. Please read the FAQ if you have any questions. Login to participate.
Flaw in Visual Basic for Applications
|
|||||||
|
Thread Tools |
|
#1
09-03-2003
|
||||
|
||||
|
Flaw in Visual Basic for Applications
Affected Software:
Microsoft Visual Basic for Applications SDK 5.0, 6.0, 6.2 & 6.3 (Please see here for products which include this) A flaw exists in the way VBA checks document properties passed to it when a document is opened by the host application. A buffer overrun exists which if exploited successfully could allow an attacker to execute code of their choice in the context of the logged on user. In order for an attack to be successful, a user would have to open a specially crafted document sent to them by an attacker. This document could be any type of document that supports VBA, such as a Word document, Excel spreadsheet, PowerPoint presentation. In the case where Microsoft Word is being used as the HTML e-mail editor for Microsoft Outlook, this document could be an e-mail, however the user would need to reply to, or forward the mail message in order for the vulnerability to be exploited. Patch availability |
| Thread Tools | |
|
| Similar Topics | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Windows flaw exploit | Julio | Old Frontpage News & Comments | 3 | 08-12-2003 02:52 PM |
| Microsoft reveals DirectX 'critical' flaw | Julio | Old Frontpage News & Comments | 5 | 07-25-2003 09:17 PM |
| Flaw in Windows Media Player Skins | TS | Thomas | Old Frontpage News & Comments | 0 | 05-08-2003 02:08 PM |
| Which BASIC programming language to use?? | RustyZip | Misc. Software & Utilities | 5 | 02-14-2003 06:57 AM |
| 3Dlabs Introduces Breakthrough Visual Processing Architecture | Rick | News & Interesting links | 2 | 05-06-2002 06:52 AM |
All times are GMT -4. The time now is 01:21 AM.
