CVSS: 9.3EPSS: 59%CPEs: 8EXPL: 0CVE-2010-0815
https://notcve.org/view.php?id=CVE-2010-0815
12 May 2010 — VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "VBE6.DLL Stack Memory Corruption Vulnerability." VBE6.DLL en Microsoft Office XP SP3, Office 2003 SP3, Microsoft Office System 2007 SP1 y SP2, Visual Basic para Aplicaciones (VBA), y VBA S... • http://www.us-cert.gov/cas/techalerts/TA10-131A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 46%CPEs: 4EXPL: 0CVE-2006-3649
https://notcve.org/view.php?id=CVE-2006-3649
09 Aug 2006 — Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3, Project 2000 SR1, Project 2002 SP1, Access 2000 Runtime SP3, Visio 2002 SP2, and Works Suite 2004 through 2006, allows user-assisted attackers to execute arbitrary code via unspecified document properties that are not verified when VBA is invoked to open documents. Desbordamiento de búfer en Microsoft Visual Basic para Aplicaciones (VBA) SDK 6.0 hasta 6.4, como se usa en... • http://secunia.com/advisories/21408 •
CVSS: 10.0EPSS: 74%CPEs: 13EXPL: 2CVE-2003-0347 – Microsoft Visual Basic For Applications SDK 5.0/6.0/6.2/6.3 - Document Handling Buffer Overrun
https://notcve.org/view.php?id=CVE-2003-0347
04 Sep 2003 — Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter. • https://www.exploit-db.com/exploits/23094 •