|
Family: Windows : Microsoft Bulletins --> Category: infos
Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645) Vulnerability Scan
Vulnerability Scan Summary Acertains the version of vbe6.dll
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code can be executed on the remote host through VBA.
Description :
The remote host is running a version of Microsoft Visual Basic for Applications
which is vulnerable to a buffer overflow when handling malformed documents.
A possible hacker may exploit this flaw to execute arbitrary code on this host, by
sending a malformed file to a user of the remote host.
Solution :
Microsoft has released a set of patches for Office :
http://www.microsoft.com/technet/security/bulletin/ms06-047.mspx
Threat Level:
Medium / CVSS Base Score : 5.6
(AV:R/AC:H/Au:NR/C:P/I:P/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|