Executive Summary
Summary | |
---|---|
Title | Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (978213) |
Information | |||
---|---|---|---|
Name | MS10-031 | First vendor Publication | 2010-05-11 |
Vendor | Microsoft | Last vendor Modification | 2010-05-19 |
Severity (Vendor) | Critical | Revision | 1.1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Exploit Score | 8.6 | Authentication | None Required |
Detail
Revision Note: V1.1 (May 19, 2010): Added an Update FAQ to explain the bulletin-only changes. There were no changes to the security update files or detection logic. Customers who have already successfully updated their systems do not need to take any action. |
Summary: This security update resolves a privately reported vulnerability in Microsoft Visual Basic for Applications. The vulnerability could allow remote code execution if a host application opens and passes a specially crafted file to the Visual Basic for Applications runtime. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-031.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:7074 | |||
Oval ID: | oval:org.mitre.oval:def:7074 | ||
Title: | VBE6.DLL Stack Memory Corruption Vulnerability | ||
Description: | VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "VBE6.DLL Stack Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0815 | Version: | 5 |
Platform(s): | Microsoft Windows 2000, Microsoft Windows XP, Microsoft Windows Vista, Microsoft Windows 7, Microsoft Windows Server 2003, Microsoft Windows Server 2008 | Product(s): | Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, Microsoft Office 2007, Microsoft Visual Basic for Applications |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | | 4 |
Application | | 1 |
Application | | 3 |
OpenVAS Exploits
Date | Description |
---|---|
2010-05-13 | Name : Microsoft Visual Basic Remote Code Execution Vulnerability (978213) File : nvt/secpod_ms10-031.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
64529 | Microsoft Visual Basic for Applications VBE6.dll Single-Byte Stack Overwrite |
Snort® IPS/IDS
Date | Description |
---|---|
2019-09-12 | Microsoft VBE6.dll stack corruption attempt RuleID : 50959 - Revision : 1 - Type : FILE-OFFICE |
2014-01-10 | Microsoft VBE6.dll stack corruption attempt RuleID : 16593 - Revision : 16 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-05-11 | Name : Arbitrary code can be executed on the remote host through Visual Basic for Ap... File : smb_nt_ms10-031.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:46:33 | |
2014-01-19 21:30:28 | |
2013-05-11 00:49:38 | |