Threat Level: green Handler on Duty: Tom Webb

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

MS06-047: Office & Visual Basic for Application

Published: 2006-08-08
Last Updated: 2006-08-10 07:49:45 UTC
by Swa Frantzen (Version: 1)
0 comment(s)
MS06-047 - KB 921645

CRITICAL

Visual Basic for Applications (VBA) is vulnerable to crafted documents that could yiled remote code execution.

This is exploitable though email in Outlook and by visiting website that host such documents. The user could also  obtain and open the document in another way (thumb drives, CDs etc.)

This replaces MS03-037.

CVE-2006-3649

--
Swa Frantzen -- section 66


Keywords:
0 comment(s)
Diary Archives