CVE-2007-2884

Microsoft Visual Basic 6 - Buffer Overflow

Title source: llm

Description

Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) Company Name (VersionCompanyName) field.

Exploits (2)

exploitdb WORKING POC VERIFIED

by UmZ · perldoswindows

https://www.exploit-db.com/exploits/3977

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by UmZ · perldoswindows

https://www.exploit-db.com/exploits/3976

View Code ZIP pw:eip

References (8)

[Third Party Advisory, VDB Entry] http://osvdb.org/41053

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/34475

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3977

[Third Party Advisory, VDB Entry] http://osvdb.org/41052

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3976

[Exploit] http://www.securityfocus.com/bid/24128

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/34476

[Exploit] http://www.securityfocus.com/bid/24129

Scores

EPSS 0.6338

EPSS Percentile 98.4%

Details

CWE

CWE-20 CWE-399

Status published

Products (1)

microsoft/visual_basic 6.0

Published May 30, 2007

Tracked Since Feb 18, 2026