Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: MS06-047: Office & Visual Basic for Application SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS06-047: Office & Visual Basic for Application
MS06-047 - KB 921645

CRITICAL

Visual Basic for Applications (VBA) is vulnerable to crafted documents that could yiled remote code execution.

This is exploitable though email in Outlook and by visiting website that host such documents. The user could also  obtain and open the document in another way (thumb drives, CDs etc.)

This replaces MS03-037.

CVE-2006-3649

--
Swa Frantzen -- section 66


Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!