CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-2884

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile11.98th
Published2007年5月30日
Last Modified2026年4月23日

Vulnerability Description

Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) Company Name (VersionCompanyName) field.

Affected Platforms (CPE)

📦
Microsoft

Visual Basic

= 6.0

References & Advisories

🔗 http://osvdb.org/41052
🔗 http://osvdb.org/41053
🔗 http://www.securityfocus.com/bid/24128
🔗 http://www.securityfocus.com/bid/24129
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/34475
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/34476
🔗 https://www.exploit-db.com/exploits/3976
🔗 https://www.exploit-db.com/exploits/3977

関連する脆弱性情報

CVE-2006-473210.0

Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an unknown impact ("overflow") via a project that contains a certai...

CVE-2000-078810.0

The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, ...

CVE-2003-034710.0

Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows rem...

CVE-2007-006510.0

Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1...