Vulnerabilities > CVE-2003-0347 - Unspecified vulnerability in Microsoft products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

nessus

exploit available

NVD

Published: 2003-10-20

Updated: 2024-11-20

Summary

Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Visual Basic 6.3 Microsoft Visual Basic 5.0 Microsoft Visual Basic 6.2 Microsoft Project 2000 Microsoft Project 2002 Microsoft Office 2000 Microsoft Office Xp Microsoft Visio 2002	13

Exploit-Db

description	Microsoft Visual Basic For Applications SDK 5.0/6.0/6.2/6.3 Document Handling Buffer Overrun Vulnerability. CVE-2003-0347. Remote exploit for windows platform
id	EDB-ID:23094
last seen	2016-02-02
modified	2003-09-03
published	2003-09-03
reporter	eEye Digital Security Team
source	https://www.exploit-db.com/download/23094/
title	Microsoft Visual Basic For Applications SDK 5.0/6.0/6.2/6.3 Document Handling Buffer Overrun Vulnerability

Nessus

NASL family	Windows : Microsoft Bulletins
NASL id	SMB_NT_MS03-037.NASL
description	The remote host is running a version of Microsoft Visual Basic for Applications that is vulnerable to a buffer overflow when handling malformed documents. An attacker may exploit this flaw to execute arbitrary code on this host by sending a malformed file to a user of the remote host.
last seen	2020-06-01
modified	2020-06-02
plugin id	11832
published	2003-09-04
reporter	This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/11832
title	MS03-037: Visual Basic for Application Overflow (822715)

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References