Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Office | Microsoft | 2000 (including) | 2000 (including) |
| Office | Microsoft | 2000-sp2 (including) | 2000-sp2 (including) |
| Office | Microsoft | 2000-sp3 (including) | 2000-sp3 (including) |
| Office | Microsoft | xp (including) | xp (including) |
| Office | Microsoft | xp-sp1 (including) | xp-sp1 (including) |
| Office | Microsoft | xp-sp2 (including) | xp-sp2 (including) |
| Project | Microsoft | 2000 (including) | 2000 (including) |
| Project | Microsoft | 2002 (including) | 2002 (including) |
| Visio | Microsoft | 2002 (including) | 2002 (including) |
| Visual_basic | Microsoft | 5.0 (including) | 5.0 (including) |
| Visual_basic | Microsoft | 6.2 (including) | 6.2 (including) |
| Visual_basic | Microsoft | 6.3 (including) | 6.3 (including) |