CVE-2008-2959 – Visual Basic Enterprise Edition SP6 - 'vb6skit.dll' Buffer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2008-2959

Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function. Desbordamiento de búfer en un determinado control ActiveX (vb6skit.dll) de Microsoft Visual Basic Enterprise Edition 6.0 SP6 puede permitir a atacantes remotos ejecutar código de su elección a través de un argumento lpstrLinkPath largo de la función fCreateShellLink. • https://www.exploit-db.com/exploits/5851 http://www.securityfocus.com/bid/29792 https://exchange.xforce.ibmcloud.com/vulnerabilities/43180 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •