Flaw: Microsoft Visual Basic for Applications

Microsoft has issued a security bulletin warning of a critical flaw in Microsoft Visual Basic for Applications versions 5.0 to 6.3.

According to the bulletin, a buffer overrun exists in the way VBA checks document properties, which could be exploited by an attacker to execute code of their choice in the context of the logged on user.

The flaw affects a long list of Microsoft Office applications, including Access 97, 2002 and 2002, Works Suite 2001, 2002 and 2003, Project 2000 and 2002, Publisher 2000 and 2002, PowerPoint 2002 and 2002, Word 97, 2000 and 2002 and several Microsoft Business Solutions products.

More information on the flaw is available at: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-037.asp

Join the newsletter!

Error: Please check your email address.

More about Microsoft

Show Comments