Stack-based Buffer Overflow in Microsoft Visual Basic 6
CVE-2007-2884

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visual Basic
Vendor: CVE Published:; 30 May 2007

What is CVE-2007-2884?

Microsoft Visual Basic 6 is susceptible to multiple stack-based buffer overflows that allow user-assisted remote attackers to execute arbitrary code or cause a denial of service through specially crafted Visual Basic Project (vbp) files. These files, containing overly long entries in the Description or Company Name fields, could lead to significant CPU consumption or unwanted operations, severely affecting system integrity.

References

http://osvdb.org/41053

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/34475

vdb-entryx_refsource_XF

https://www.exploit-db.com/exploits/3977

exploitx_refsource_EXPLOIT-DB

EPSS Score

54% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 30, 2007
Vulnerability Reserved
May 29, 2007