Microsoft Visual Basic 6.0 Project Company Name Denial of Service Vulnerability
BID:24129
Info
Microsoft Visual Basic 6.0 Project Company Name Denial of Service Vulnerability
| Bugtraq ID: | 24129 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-2884 |
| Remote: | Yes |
| Local: | No |
| Published: | May 23 2007 12:00AM |
| Updated: | May 07 2015 05:37PM |
| Credit: | UmZ (Umair Manzoor) is credited with the discovery of this vulnerability. |
| Vulnerable: |
Microsoft Visual Basic 6.0 |
| Not Vulnerable: | |
Discussion
Microsoft Visual Basic 6.0 Project Company Name Denial of Service Vulnerability
Microsoft Visual Basic 6.0 is prone to a denial-of-service vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to cause a denial-of-service condition. The attacker may also be able to execute arbitrary code within the context of the affected application, but this has not been confirmed.
Microsoft Visual Basic 6.0 is prone to a denial-of-service vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to cause a denial-of-service condition. The attacker may also be able to execute arbitrary code within the context of the affected application, but this has not been confirmed.
Exploit / POC
Microsoft Visual Basic 6.0 Project Company Name Denial of Service Vulnerability
The following proof of concept is available.
The following proof of concept is available.
Solution / Fix
Microsoft Visual Basic 6.0 Project Company Name Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Microsoft Visual Basic 6.0 Project Company Name Denial of Service Vulnerability
References:
References:
- Visual Basic Homepage (Microsoft)