CVE-2008-2959

Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Buffer Overflow via fCreateShellLink lpstrLinkPath Argument

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2959. PoCs published by shinnai.

AI-analyzed exploit summary This is a proof-of-concept exploit for a buffer overflow vulnerability in vb6stkit.dll, part of Visual Basic Enterprise Edition SP6. It demonstrates EIP control via an overly long string passed to the lpstrLinkPath parameter in the fCreateShellLink function.

Description

Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · textdoswindows

https://www.exploit-db.com/exploits/5851

View Code ZIP pw:eip

This is a proof-of-concept exploit for a buffer overflow vulnerability in vb6stkit.dll, part of Visual Basic Enterprise Edition SP6. It demonstrates EIP control via an overly long string passed to the lpstrLinkPath parameter in the fCreateShellLink function.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft Visual Basic Enterprise Edition SP6 (vb6stkit.dll)

No auth needed

Prerequisites: Visual Basic Enterprise Edition SP6 installed · vb6stkit.dll present

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/5851

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/29792

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/43180

Scores

EPSS 0.2480

EPSS Percentile 97.6%

Details

CWE

CWE-119

Status published

Products (1)

microsoft/visual_basic_enterprise_edition 6.0 sp6

Published Jul 02, 2008

Tracked Since Feb 18, 2026