Microsoft Visual Basic VBP file buffer overflow

Added: 10/05/2007
CVE: CVE-2007-4776
BID: 25629
OSVDB: 36936

Background

Microsoft Visual Basic is a development tool for building Windows applications.

Problem

A buffer overflow vulnerability in Microsoft Visual Basic allows command execution when a user opens a specially crafted Visual Basic Project (VBP) file.

Resolution

Do not open untrusted VBP files.

References

http://secunia.com/advisories/26704

Limitations

Exploit works on Microsoft Visual Basic 6.0 on Windows 2000 and XP and requires a user to download and open the exploit file.

Platforms

Windows

Back to exploit index