Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: MS06-047: Office & Visual Basic for Application - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS06-047: Office & Visual Basic for Application
MS06-047 - KB 921645

CRITICAL

Visual Basic for Applications (VBA) is vulnerable to crafted documents that could yiled remote code execution.

This is exploitable though email in Outlook and by visiting website that host such documents. The user could also  obtain and open the document in another way (thumb drives, CDs etc.)

This replaces MS03-037.

CVE-2006-3649

--
Swa Frantzen -- section 66


Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!