CVE-2008-2959

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visual Basic Enterprise Edition
Vendor: CVE Published:; 2 July 2008

Summary

Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function.

References

https://www.exploit-db.com/exploits/5851

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/29792

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/43180

vdb-entryx_refsource_XF

EPSS Score

86% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 2, 2008
Vulnerability Reserved
Jul 2, 2008

Collectors

NVD DatabaseMitre Database