|
|
Family: Windows : Microsoft Bulletins --> Category: infos
Visual Basic for Application Overflow Vulnerability Scan
Vulnerability Scan Summary
Acertains the version of vbe.dll and vbe6.dll
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code can be executed on the remote host through VBA.
Description :
The remote host is running a version of Microsoft Visual Basic for Applications
which is vulnerable to a buffer overflow when handling malformed documents.
A possible hacker may exploit this flaw to execute arbitrary code on this host, by
sending a malformed file to a user of the remote host.
Solution :
Microsoft has released a set of patches for Office :
http://www.microsoft.com/technet/security/bulletin/ms03-037.mspx
Threat Level:
High / CVSS Base Score : 8
(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
