Buffer Overflow Vulnerability in Microsoft Visual Basic 6.0 and Enterprise Edition
CVE-2007-4776

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visual Basic
Vendor: CVE Published:; 10 September 2007

Summary

A buffer overflow vulnerability exists in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6. This vulnerability allows user-assisted remote attackers to execute arbitrary code by providing a specially crafted Visual Basic project (vbp) file containing an excessively long Reference line, particularly during the VBP_Open and OLE processes. While the potential for exploitation is limited, this issue poses a risk to the integrity and security of systems utilizing the affected software.

References

http://www.osvdb.org/36936

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/26704

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/25629

vdb-entryx_refsource_BID

EPSS Score

81% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 10, 2007
Vulnerability Reserved
Sep 10, 2007