VULHUB ™

The Visual Basic Design Time Environment library (VBE.DLL and VBE6.DLL), used by the Microsoft Office series and other Microsoft applications, contains an exploitable heap overflow vulnerability. If a malicious Office file such as .doc, .xls, etc. is opened, there is the ability for an attacker to execute arbitrary code. This buffer overflow bug also affects Internet Explorer, because some Office files are executed automatically by a helper-application when these files are received. Systems Affected: Microsoft Access 97/2000/2002, Excel 97/2000/2002, PowerPoint 97/2000/2002, Project 2000/2002, Publisher 2002, Visio 2000/2002, Word 97/98(J)/2000/2002, Works Suite 2001/2002/2003, Business Solutions Great Plains 7.5, Business Solutions Dynamics 6.0/7.0, Business Solutions eEnterprise 6.0/7.0, Business Solutions Solomon 4.5/5.0/5.5.

The Visual Basic Design Time Environment library (VBE.DLL and VBE6.DLL), used by the Microsoft Office series and other Microsoft applications, contains an exploitable heap overflow vulnerability. If a malicious Office file such as .doc, .xls, etc. is opened, there is the ability for an attacker to execute arbitrary code. This buffer overflow bug also affects Internet Explorer, because some Office files are executed automatically by a helper-application when these files are received. Systems Affected: Microsoft Access 97/2000/2002, Excel 97/2000/2002, PowerPoint 97/2000/2002, Project 2000/2002, Publisher 2002, Visio 2000/2002, Word 97/98(J)/2000/2002, Works Suite 2001/2002/2003, Business Solutions Great Plains 7.5, Business Solutions Dynamics 6.0/7.0, Business Solutions eEnterprise 6.0/7.0, Business Solutions Solomon 4.5/5.0/5.5.